Slashdot Mirror

← Back to Stories (view on slashdot.org)

Syrian Dissidents Hit By Another Wave of Targeted State-Sponsored Attacks

Posted by Soulskill on from the not-giving-up dept.

Trailrunner7 writes "One of the attackers who has been targeting Syrian anti-government activists with malware and surveillance tools has returned and upped the ante with the use of the BlackShades RAT, a remote-access tool that gives him the ability to spy on victims machines through keylogging and screenshots. The original attacks against Syrian activists, who are working against the government's months-long violent crackdown, were using another RAT known as Xtreme RAT, with similar capabilities. That malware was being spread through a couple of different targeted attacks, including one in which activists were directed to YouTube videos and their account credentials were then stolen when they logged in to leave comments. That attack continued with the installation of the RAT, giving the attacker surreptitious access to the victims' machines, enabling him to monitor their activities online. Now, researchers say that at least one attacker who is known to be involved in these targeted attacks also is using the BlackShades RAT in a new set of attacks."

10 of 54 comments (clear)

  1. IT'S OKAY !! RUSSIA AND CHINA SAY SO !! by Anonymous Coward · · Score: 3, Funny

    So relax, take it easy !!

  2. Can't they by Threni · · Score: 2

    burn the Tails TOR distro to cd so it's read only. And do basic, common sense stuff like using disposable accounts to post publicly (signing content so people can trust the authenticity of the posts)?

  3. Re:Youtube? by idontgno · · Score: 3, Interesting

    Proxying plus script injection could accomplish this effect without Google's complicity or any type of site spoofing.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  4. Why should I believe you? by Anonymous Coward · · Score: 5, Insightful

    This is a propaganda war as much as anything, and I don't have any evidence to believe either side.

    Perhaps the Syrian government is not installing this software. Perhaps the activists are installing it to make the Syrian government look bad.

    I have only an absence of evidence (impartially gathered and analysed), and that means I should believe no-one's conclusions.

    1. Re:Why should I believe you? by Anonymous Coward · · Score: 3, Funny

      man, we missed you in threads about OWS. you could have accused protesters of dressing up as police and pepper spraying their friends. where were you?

    2. Re:Why should I believe you? by artor3 · · Score: 3

      Read the English-language Al Jazeera. They are a fantastic source for whenever you are worried that your views on the Middle East are being colored by Western propaganda.

  5. Re:where are you Anonymous? by Mashiki · · Score: 2

    AHahaha...yeah the script kiddies. Oh sure. Yep they're out doing good stuff again. So anyway, I mean the rebels are out doing things like trying to get reporters killed too. But hey, whatever. Pallywood everywhere!

    --
    Om, nomnomnom...
  6. Re:O RLY? by Anonymous Coward · · Score: 2, Insightful

    I think it's more like people like you are sick of Western propaganda and are willing to embrace anything that contradicts it, including greater falsehoods.

  7. Re:O RLY? by Em+Adespoton · · Score: 2

    I'm going to point out that this entire article is about luring people to view Youtube videos in an attempt to load a RAT onto their PC... Just saying.

  8. Targeted __WINDOWS__ attacks. by couchslug · · Score: 3, Informative

    Yes, it matters.

    Even the US military "gets" that Windows machines at home aren't at all secure and offers this nifty distro. Free download, and if you are USian your taxes were actually spent well for a change:

    http://www.spi.dod.mil/lipose.htm

    --
    "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."