First known Arabic cyber espionage group targets MidEast victims

Desert Falcons embark on spear phishing via e-mails, social networking posts and chat messages to target victims
By Neil Halligan
Wed 18 Feb 2015 01:32 PM

The first known Arabic cyber espionage group targeting multiple high-profile organisations and individuals from Middle East countries has been uncovered.

Desert Falcons, discovered by Kaspersky Lab’s Global Research and Analysis Team, is a group of cyber mercenaries who have been developing and running full-scale cyber-espionage operations for at least two years.

According to Kaspersky Lab, the Desert Falcons started developing and building their operation in 2011, with their main campaign and real infection beginning in 2013. The peak of their activity was registered at the beginning of this year.

Kaspersky Lab experts found signs of more than 3,000 victims with more than one million files stolen. The vast majority of targets were found to be based in Egypt, Palestine, Israel and Jordan, but multiple victims were also found in Qatar, Saudi Arabia, the UAE, Algeria, Lebanon, Norway, Turkey, Sweden, France, the United States and Russia.

The attackers utilised proprietary malicious tools for attacks on Windows PCs and Android-based devices. Kaspersky Lab experts have said there are many reasons to believe that the attackers behind the Desert Falcons are native Arabic speakers.

The main method used by the Falcons to deliver the malicious payload is spear phishing via e-mails, social networking posts and chat messages. Phishing messages contained malicious files (or a link to malicious files) masquerading as legitimate documents or applications.
