Wednesday, February 18, 2015

Gang of Arab Cybermercenaries Discovered Robbing Private Files

2/18/2015

CANCUN, Mexico – A group of Arab cybermercenaries have stolen more than a million digital files from multiple organizations and individuals around the world that have high social, political, religious or educational profiles.

The announcement came during the Moscow-based computer security firm Kaspersky Lab’s Security Analyst Summit in this resort city in southeastern Mexico.

Kaspersky provided details about the group dubbed Desert Falcons, the first known gang of Arab mercenaries to develop and execute large-scale cyberspying operations.

Kaspersky analyst Dmitry Bestuzhev told Efe that members of the group are “true masters” of social engineering, with techniques astutely analyzed to persuade victims to open their confidential files or e-mails without realizing they are being infected.

“They carefully choose their victims and before attacking, they document themselves to find out who they can interest and who they can’t,” the expert said.

According to Kaspersky investigators, the attackers are almost certainly Arabs for their codes and the names they use; they also know they will be rewarded for their attacks, which they execute from different countries where they are very well organized in working groups.

Some are programmers, others craft messages that will persuade their victims to open an e-mail, others study the behavior of a cybernaut to learn his habits and discover his real political, religious or social importance, while still others analyze the data and documentation to draw their strategic conclusions and create plans of action.

Kaspersky Lab investigators calculate that there are at least 30 people involved in this gang of cybermercenaries, whose attacks have affected more than 3,000 victims in at least 50 countries.

Desert Falcons started operating in 2011, but for some reason their campaign stalled in 2012 and was reactivated in late 2013.

A few months ago something “important” happened, perhaps some political incident, that reactivated the group and got its activities moving full speed ahead, according to the Kaspersky analyst.


source

No comments: