Hackers posing as Israeli military launching cyberespionage campaign
What's the story
A cybersecurity report has revealed a new cyberespionage campaign targeting Israelis. The malicious operation comes in the wake of US and Israeli attacks on Iran. The campaign is said to have been launched by hackers posing as the Israel Defense Forces (IDF), specifically its Home Front Command unit. They sent text messages urging people to download an updated version of the official "red alert" Android app, which warns about rocket attacks.
Spyware installation
Malicious app steals sensitive data
The report from Acronis, a Swiss cybersecurity firm, revealed that users who downloaded the suggested app would unknowingly install spyware on their devices. The malicious version of the app secretly tracks the device's exact location and steals text messages, passwords, and contacts, among other data stored on the phone. The hackers behind this campaign are suspected to be associated with a group called Arid Viper.
Group profile
Arid Viper has targeted Israeli soldiers before
Arid Viper is a group that has previously been blamed for espionage against Israeli soldiers as well as people in Egypt and Palestine. The Acronis report described the hackers behind this attack as "a capable and well-resourced threat actor operating with clear objectives." It also noted that this hacking campaign "illustrates how trusted emergency infrastructure can be exploited during periods of conflict."
Ongoing cyberattacks
Cyberattacks against Israel have increased recently
In recent days, several Iranian-aligned hacking groups have claimed responsibility for attacks on Israeli companies and government agencies. However, these cyberattacks have not yet had a major impact on the ongoing conflict. The hostilities began with a series of US and Israeli airstrikes against Iranian targets on February 28. On March 4, Israel announced it had struck several Iranian military installations in eastern Tehran, including a cyber-warfare command center.