And Hamas on the Internet? A team of cyber-espionageKnown as the Gaza Cybergang, the Gaza Hackers Team or Molerats resumed operations in April 2016 after ceasing all operations when security firm ClearSky discovered their presence in January 2016.
Gaza Cybergang has been operating since 2012, when various security firms first detected its activities. Since then, the team has been extremely active in custom development malware which promoted with intensive campaigns such as: DownExecute, XtremeRAT, MoleRAT, or DustSky (NED Worm).
The latest of these activities occurred at the beginning of the year when it was discovered by an Israeli company ClearSky Security. In the DustSky campaign, the team focused on targets in Israel, Egypt, Saudi Arabia, the United Arab Emirates and Iraq, using attacks spear-phishing. Το κακόβουλο λογισμικό που χρησιμοποιούσε ονομαζόταν DustSky (NED Worm)και ήταν γραμμένο σε .NET.
ClearSky researchers have revealed that after their publication for DustSky, the group behind this campaign stopped all activity.
In addition, at least one of the team's hackers tried to get in touch with the security company to find out what the researchers knew about the team.
This idle time did not last long, as ClearSky says, and Gaza Cybergang started its activities against Middle East and Israeli targets.
Israel has not managed to avoid a new wave of hacking group attacks, as the team has renewed its attacks and targets since early April of 2016.
The security company reports that DustSky malware has been rewritten this time with C ++.
In addition, in order to avoid the eyes of the security company, the team is reportedly also beating targets from the United States,
Some of the Group's objectives are various banks in Israel and the United Arab Emirates, Foreign Ministries of Saudi Arabia and the United Arab Emirates, a former UK politician, a European Union diplomat, a US Department of State employee, a person in the office of the Prime Minister of the Palestinian Authority, and several other diplomats and ambassadors.
Η ομάδα αυτή τη στιγμή “κυνηγάει” περισσότερους από 150 διαφορετικούς στόχους, και έστειλε phishing emails τους σε ιδιωτικές διευθύνσεις ηλεκτρονικού post office(Gmail, Yahoo, Hotmail), avoiding sending to government email addresses.
This time, ClearSky reports that the group has left more traces and is now able to assess with "certainty that behind these attacks is the terrorist organization Hamas."
