‘Stealth Falcon’ Cyber-Spying Gang Attacks UAE Dissidents, Activists and Journalists

An advanced cyber-espionage gang called Stealth Falcon with the possibility of being state-sponsored is wholly put to carrying out personalized spyware assaults on dissidents, activists and journalists of United Arab Emirates. The cyber-assaults, which began during 2012, are yet continuing. Dissidents in UAE are getting arbitrarily arrested not only following eavesdropping on them through customized spyware, but if they're found talking negatively of the authorities then too they can be manhandled with forced disappearance.

However, after exposure of the operations of Hacking Team in 2015 summer, the gang had to lose many clients, who either opted for Cellebrite, NSO Group or Finfisher, names of other suppliers of surveillance products aginst governments, or began creating monitoring software of their own.

One such Web-address was dispatched to Emirates Center for Human Rights founder Rori Donaghy, who's also a journalist in UK. University-of-Toronto's Citizen Lab team detected that the spyware had connection with 67 working CnC (command-and-control) servers tied in a network, indicating the spyware had a broader use, probably from the same controllers alternatively from others.

Now, before Donaghy was attacked, he received an e-mail in November 2015 that "The Right to Fight" syndicate sent him asking he join certain panel of human rights. Donaghy became suspicious so he forwarded the e-mail to security experts. They found that a web-link inside the e-mail diverted user onto unintended destination, but even before that the target's PC got profiled with a JavaScript. Networkworld.com posted this, May 30, 2016.

According to the Citizen Lab researchers, the above spyware products after infecting victims would steal their confidential data while upload it onto the 67 CnC servers.

The team from Citizen Lab observed that based on circumstantial evidence Stealth Falcon had a connection with the Emirates government.

There's evidence that nearly every person targeted within the mentioned spyware campaigns got into argument with the Emirate cops at least once, as well as that one tweet from the government contained the condensed URL. Moreover, since the spying gang knew something about its targets' activities and interests, possible solely with a state-backed syndicate, it appears the gang had a minimum linkage with UAE government sources.

» SPAMfighter News - 6/6/2016