0R0binH00d0

Cyber-attacks against Palestinian government and civilians

Aug 10th, 2018
-------#1 Cyber-attacks against Palestinian government and civilians-------

------Reference-----

[1] https://blog.lookout.com/frozencell-mobile-threat

----- Introduction -----
Over the last few months, there have been many publications concerning cyber-attacks against our Palestinian brothers. I have investigated these attacks since they were first reported [1]. As part of my research, I tracked the attack servers and retrieved a lot of information stolen from the victims.
In the past few hours, there have been reports in the media about the attack. I saw one of the messages described in the reports, and I think it's the same attackers I tracked. I wasn't ready to publish my research yet, but I have to share a few things, to warn you and show you all how the attackers have been spying against our brothers.
These sloppy attackers do not understand much about security. I found many things in their servers - this is only a small piece of the information that I have. Watch out, your private data belongs to them!
Notice what they seem to find interesting on their victims' cellphones - pictures of women and children. Out of respect for the victims' privacy, I have blurred the faces of the victims and deleted personal identifying information.
I also found the list of victims, including their passwords, pictures and a lot more.
Interestingly, some of the victims seem to be the attackers themselves. Such a shame. Here are some pictures from the servers that I have.
According to the list of victims I found on the servers, most of their IP addresses are in the West Bank and Gaza Strip (approximately 80%) and there are also victims from Egypt, Jordan and Lebanon. The attack is clearly against our Palestinian brothers.
Here is a link to a geo map with the victim distribution

https://anonfile.com/Q6v9J3f0b3/123456.png

------Pictures and more examples--------

Included are links to some pictures of the victims that I got from the servers

https://anonfile.com/TbvbJdfab9/4_1.jpg
https://anonfile.com/Xcv6J1fbb7/5_1.jpg
https://anonfile.com/b9waJ6f1be/10_1.jpg
https://anonfile.com/f8wbJ1fbb7/12_1.jpg

Included are links to some screenshots uploaded by the malware

https://anonfile.com/i0w8J0fabd/1.jpg
https://anonfile.com/k9w3Jbfabf/7.jpg
https://anonfile.com/m2w5Jbf0b2/9.jpg
https://anonfile.com/uew4Jfffb5/10.jpg

-----Removal tool of the malicious app ------

While investigating the attacker's tools, I also wrote a simple tool that removes the malicious application from a victim's cellphone.

https://github.com/r0binh00d31337/Robin-Hood

Anyone who suspects that he is one of the victims, press the link to download the removal tool. It requires a one-time installation and it will remove the malicious application automatically.

Feel free to look at the source code and develop it more, if you wish.