LoraxLive_AnonymousRadio_EvaGalperin_Interview. Anonymous. Campaign Targeting Syrian Activists Escalates with New Surveillance Malware. Since the beginning of the year, pro-Syrian-government hackers have steadily escalated the frequency and sophistication of their attacks on Syrian opposition activists.
We have reported on several Trojans, which covertly install spying software onto the infected computer, as well as phishing attacks which steal YouTube and Facebook login credentials. The latest surveillance malware comes in the form of an extracting file which is made to look like a PDF if you have file extensions turned off. New Malware Targeting Syrian Activists Uses Blackshades Commercial Trojan. Since March of this year, EFF has reported extensively on the ongoing campaign to use social engineering to install surveillance software that spies on Syrian activists.
Syrian opposition activists have been targeted using several Trojans, including one disguised as a Skype encryption tool and others disguised as revolutionary documents. As we've tracked these ongoing campaigns, patterns have emerged that link certain attacks to one another, indicating that the same actors, or groups of actors are responsible. More than a dozen of these attacks have installed versions of the same remote access tool, DarkComet RAT, and reported back to the same IP address in Syrian address space. Campaign Targeting Syrian Activists Escalates with New Surveillance Malware.
EFF (Electronic Frontier Foundation)