Cyber-attacks against Palestinian government and civilians
0R0binH00d0, Aug 10th, 2018 (edited)
- -------#1 Cyber-attacks against Palestinian government and civilians-------
-  https://blog.lookout.com/frozencell-mobile-threat
- ----- Introduction -----
- Over the last few months, there have been many publications concerning cyber-attacks against our Palestinian brothers. I have investigated these attacks since they were first reported. As part of my research, I tracked the attack servers and retrieved a lot of information stolen from the victims.
- In the past few hours, there have been reports in the media about the attack. I saw one of the messages described in the reports, and I think it's the same attackers I tracked. I wasn't ready to publish my research yet, but I have to share a few things, to warn you and show you all how the attackers have been spying against our brothers.
- These sloppy attackers do not understand much about security. I found many things in their servers - this is only a small piece of the information that I have. Watch out, your private data belongs to them!
- Notice what they seem to find interesting on their victims' cellphones - pictures of women and children. Out of respect for the victims' privacy, I have blurred the faces of the victims and deleted personal identifying information.
- I also found the list of victims, including their passwords, pictures and a lot more.
- Interestingly, some of the victims seem to be the attackers themselves. Such a shame. Here are some pictures from the servers that I have.
- According to the list of victims I found on the servers, most of their IP addresses are in the West Bank and Gaza Strip (approximately 80%) and there are also victims from Egypt, Jordan and Lebanon. The attack is clearly against our Palestinian brothers.
- Here is a link to a Geo map with the victim distribution
- ------Pictures and more examples--------
- Include links for some pictures of the victims that I got from the servers
- Include links for some screen shots uploaded by the malware
- -----Removal tool of the malicious app ------
- While investigating the attacker's tools, I also wrote a simple tool that removes the malicious application from a victim's cellphone.
- Anyone who suspects that he is one of the victims, press the link to download the removal tool. It requires a one-time installation and it will remove the malicious application automatically.
- Feel free to look at the source code and develop it more, if you wish.