
FireEye - Syrian Rebels Lose Critical Information to Hackers

Securityweek.com published a report on 2nd February, 2015 quoting a recent revelation by security firm FireEye: "Syrian opposition groups lost critical information when its members became victim of a 'femme fatale' scheme through Skype chats which injected computers and phones with malware."

FireEye claimed that the stolen data includes maps and supply needs, battle strategies and routes, and ammunition and weaponry lists. It also exposes the personal information of fighters opposing President Assad's forces, as well as media activists, humanitarian aid workers and others within the opposition, located in Syria and beyond. The avatars' campaign started in November 2013.

The hackers lured victims through online chats, pretending to be compassionate and attractive women conversing with them on Skype. During the conversations, the hackers would offer to send a personal photo loaded with malware and so get into the target's system.

When the victim opened the file, it would show a picture of a woman, but in the background DarkComet malware was silently installed, giving the hackers remote access to the victim's computer.

Before sending the malware-loaded image, the hackers would ask during the Skype conversation whether the target was using a Windows PC or an Android smartphone, and create the malware accordingly.

To avoid arrest due to the fake female avatar, the hackers prepared a Facebook profile that used the same picture and was filled with speech in favor of the opposition. The hackers also kept a fake Syrian opposition website which seemed to support the rebels but actually stored the unchanged DarkComet malware.

FireEye stated that the data that appeared to have been exfiltrated tallied at around 7.7GB, which included 31,107 conversations, 64 Skype account databases, 240,381 messages and 12,356 contacts.

FireEye added that it found many references to Lebanon while researching past malicious activity of the threat group. It also found that a user in the country had uploaded test versions of the malware used during the campaign, as well as chats in which the hackers (using social engineering tricks) claimed to be present in Lebanon.

The report added that social media pages mention that the (female) avatars are Lebanese or are refugees in the country.

» SPAMfighter News - 2/10/2015
