Following the truce in Gaza, the MoleRATs hacking organization has continued to target Middle Eastern countries.


Days after Israel and Gaza-based militant group Hamas agreed to a ceasefire in May, Arabic-speaking hackers resumed an effort to break into government networks in the Middle East, according to research published Thursday.

It’s an example of how, alongside the violence that has long marked the Israel-Palestine conflict, there are often much subtler efforts by digital spies to access networks.

The hacking group, known as MoleRATs, sent target organizations a malware-laced PDF claiming to be a report on Hamas members meeting with the Syrian government, security firm Proofpoint said. The malicious code is able to access files and take screenshots on a victim’s computer in furtherance of a spying campaign.

It’s unclear what caused the hacking group to take a two-month break starting in March, or why it resumed activity in early June. Proofpoint analysts speculated that either the Muslim holy month of Ramadan or the latest Israel-Hamas conflict, which left hundreds dead, may have played a part. But analysts couldn’t “confirm either hypothesis with high confidence.”

Proofpoint says the group appears to support “military or Palestinian state objectives.” And while Israeli firm ClearSky has linked MoleRATs to Hamas, Proofpoint said it didn’t have evidence tying MoleRATs to a specific militant group.

MoleRATs is one of the more opportunistic hacking units in the Middle East, and often seizes on headlines of regional conflict to try to dupe targets into clicking on links. After the U.S. military killed Iran’s top general in January 2020, MoleRATs sent malicious emails to targets purporting to contain news of the general’s funeral.

The latest MoleRATs spearphishing campaign uses an updated version of hacking tool first noticed in December by security firm Cybereason. Then and now, the attackers are using the popular file-sharing platform Dropbox to siphon off data from targets.

Proofpoint declined to reveal the targets of the recent MoleRATs hacking.

The Israeli government, known for its own hacking prowess, singled out Hamas’ alleged cyber capabilities during the recent fighting. The Israeli Air Force on May 19 said that it had attacked an apartment in Gaza that Hamas members used for offensive cyber capabilities. Security analysts have exposed multiple hacking operations linked with Palestinian organizations in recent months. Facebook’s security team in April said they had taken down accounts and blocked internet domains associated with separate groups linked with Hama and the Palestinian Authority.

News Summary:

  • Following the truce in Gaza, the MoleRATs hacking organization has continued to target Middle Eastern countries.
  • Check all news and articles from the latest Security news updates.
Disclaimer: If you need to update/edit this news or article then please visit our help center.
For Latest Updates Follow us on Google News
      Bollyinside - US Local News & Breaking News Stories
      Compare items
      • Total (0)