Slashdot Mirror


Cyber-Espionage Group That Targeted Palestinian Law Enforcement Last Year Returns With New Attacks (bleepingcomputer.com)

Catalin Cimpanu, writing for BleepingComputer: A cyber-espionage group that targeted Palestinian law enforcement last year is now back in action, targeting Palestinian government officials. These recent attacks started in March 2018, according to evidence surfaced by Israel-based cyber-security firm Check Point. The new attacks seem to fit the same modus operandi of a group detailed in two reports from Cisco Talos and Palo Alto Networks last year.

Those reports detailed a spear-phishing campaign aimed at Palestinian law enforcement. The malicious emails tried to infect victims with the Micropsia infostealer, a Delphi-based malware that contained many strings referencing characters from the Big Bang Theory and Game Of Thrones TV shows. Now, the same group appears to be back, and the only thing they've changed is the malware, which is now coded in C++. The TV show references are still there, this time with mentions of the Big Bang Theory, but also a Turkish TV series named "Resurrection: Ertugrul."

28 of 80 comments

  1. el fringo by ole_timer · · Score: 1

    everyone is in on the cyber game - even fringe groups like this.

    --
    nothing to see here - move along
  2. Goes to show you by Virtucon · · Score: 1

    Even hackers have problems finding good Delphi folks these days.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  3. Not subtle enough by Anonymous Coward · · Score: 2, Insightful

    Sounds like the Israelis are false flagging again.

    1. Re:Not subtle enough by Oswald+McWeany · · Score: 1, Troll

      Sounds like the Israelis are false flagging again.

      It does seem unlikely that the Turks would have any desire to pick a fight with Palestine. There's only one nation on earth with an irrational hatred of Palestine. That same nation breaks international rules more than any other and has no regard to other countries' sovereignty, frequently carrying out secret attacks on citizens in many of those countries, even ones it nominally calls allies... ... you all know who I'm talking about... Liechtenstein!

      --
      "That's the way to do it" - Punch
    2. Re: Not subtle enough by Type44Q · · Score: 1, Insightful

      Don't you think Israel has given the world enough reasons to be disgusted with it??

    3. Re:Not subtle enough by Anonymous Coward · · Score: 1

      I'll support the side that doesn't give 400 million annually to the families of suicide bombers.

    4. Re:Not subtle enough by Nidi62 · · Score: 3, Insightful

      I'll support the side that doesn't give 400 million annually to the families of suicide bombers.

      So instead you choose to support the side that shoots at protesters with live ammunition, shoots kids throwing rocks at armored vehicles (or not doing anything at all), tears down buildings and whole communities for not having the proper permits (which it always refuses to give), controls water and electricity access, destroys the whole house if a family member commits a "terrorist" act, sentences soldiers who get caught on camera killing wounded and defenseless Palestinians to 9 months in jail, and runs a complete economic blockade.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    5. Re: Not subtle enough by Anonymous Coward · · Score: 2, Interesting

      Don't you think the oxymoron "Religion of Peace" has given the world enough reasons to be disgusted with it?

      Reasons like 9/11, London's 7/7, Manchester, London and Westminster bridge car ramming, Bastille Day truck jihad in Nice France, Paris' Charlie Hebdo and Bataclan massacres, Boston Marathon bombing, Pulse nightclub in Orlando massacre, San Bernardino shooting, 1972 Olympics attack, Pan Am 103 bombing, assassination 50 years ago of US Senator Robert F Kennedy, Manhattan bike path attack, Moscow subway attack, Beslan elementary school massacre, thwarted sneaker and underwear bombing of passenger planes, Saddam's use of poison gas (his "non-existent" WMD) on Halabja Iraq, Mumbai India massacre, Nairobi mall massacre, Bali beach attack, DC Beltway snipers, Fort Hood attack, thwarted Garland Texas Art attack, Ottawa attack, Copenhagen attack, Sydney attack, Syrian civil war where 500,000 have died, the 8 year Iran/Fascist Iran war where 1,000,000 died, Brussels airport bombing, beheading of Lee Rigby and journalist Daniel Pearl, murder of filmmaker Theo van Gogh, death threats on writer Salman Rushdie and Danish cartoonists, executions of gays in Fascist Iran and Hamasstan, stoning girls to death over "family honour" slights, Rotherham rape gangs, destruction of antiquities in Palmyra, destruction of two 1,500 year old Buddhas in Bamiyan, ....

    6. Re:Not subtle enough by Impy+the+Impiuos+Imp · · Score: 1

      There are many nations surrounding that area that hate Palestinians. I know a Palestinian from Jordan whose entire village was plowed under.

      They are only nominally loved by other Muslim nations insofar as it provides a convenient distraction for the local dictators to rile up their populace against someone other than themselves.

      Well, you did say only one nation with an irrational hatred. Are all these local dictatorships being rational?

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    7. Re:Not subtle enough by Anonymous Coward · · Score: 1, Insightful

      So instead you choose to support the side that places bombs on passenger planes like Pan Am 103 and continue to try to bomb passenger planes (bombs hidden in sneakers and underwear), who hijacks passenger planes and after telling the passengers that if they don't resist, they will be safe, yet fly the planes into both World Trade Center towers and the Pentagon, and the fourth plane flown into the ground in Shanksville PA, because the hijackers' game was up thanks to passengers learning about 9/11 from Airphones, and decided to go for broke and attack the hijackers.

      There is CCTV of British Muslims bombing the London Underground on 7/7 2005 and another with the blood of Lee Rigby on his hands boasting of his Jihad to the video camera.

    8. Re:Not subtle enough by Anonymous Coward · · Score: 1

      Good story but does not hold water. With 500000 dead in Syria (no Israelis there) at least 500000 dead in Iraq (ditto) tens of thousands dead in Afghanistan and Yemen (yeah you got it) it seems to me the problem is not with the Israelis. Arabs of all stripes have been in the business of killing for a thousand years. The problem with the Israelis is that they refuse to cooperate and die. It infuriates the Palestinians and apparently you too.

  4. Not extensive at all. Probably "strings". Standard by raymorris · · Score: 4, Insightful

    Simply running "strings" on the executable would probably be sufficient, as it would include names of C++ libraries.

    It would also either require or include the C++ standard library.

  5. So what does "Palestinian Law Enforcement" do?? by SuperKendall · · Score: 2, Insightful

    I'm curious what on earth a "Palestinian Law Enforcement" group does, do they make sure the fire bombs terrorists sail on kites over to Israel have the correct amount of fire starting material or what?

    Or maybe they go around to homes making sure the kids are all watching the appropriate amount of cartoons showing Jewish people are working with the devil so they are groomed to carry out suicide attacks...

    Because it sure doesn't seem like there is any law in Palestine.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:So what does "Palestinian Law Enforcement" do?? by Anonymous Coward · · Score: 2, Insightful

      The obvious answer is to remove the will and ability of the side that constantly tries to kill the other side constantly. I bet Israel wouldn't give a damn about "Palestinians" if there were not daily bombings, stabbings and rocket launches.

      It's not discrimination when the destruction of one side is built into the bad side's charter. Go wiki Hamas charter. Go look at Israel's constitution.

    2. Re:So what does "Palestinian Law Enforcement" do?? by skam240 · · Score: 1

      Maybe try to get Israel to stop continually annexing land everyone but them recognizes as belonging to the Palestinians? https://en.wikipedia.org/wiki/...

      Or maybe their police do exactly what police do in any other country.

      --
      I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
    3. Re:So what does "Palestinian Law Enforcement" do?? by Impy+the+Impiuos+Imp · · Score: 1

      Or maybe their police do exactly what police do in any other country.

      That can mean vastly different things depending on corruption.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
    4. Re:So what does "Palestinian Law Enforcement" do?? by ole_timer · · Score: 1

      they enforce tax payments to the PLA...?

      --
      nothing to see here - move along
    5. Re:So what does "Palestinian Law Enforcement" do?? by Anonymous Coward · · Score: 1

      There are roughly 10 times as many Palestinians killed by Israelis as Israelis killed by Palestinians:

      https://www.vox.com/2014/7/14/5898581/chart-israel-palestine-conflict-deaths

      FYI, More Germans/Nazis and Imperial Japanese died in WW2 than Americans or Brits.

      That difference in body count doesn't make The Americans or the Brits the aggressors either.

      FYI #2, The 500,000 dead in Syria is the work of Muslims and the 1,000,000 dead in the Iran/Iraq is the work of Muslims.

  6. Re:C++??? by Gravis+Zero · · Score: 2

    How exactly would they be able to tell it was coded in C++?

    a) strings (especially compiler string)
    b) vtables (they can be generated slightly differently between compilers/languages)
    c) linked to C++ libraries
    d) every compiler generates code in a slightly different way, so they could probably tell you the exact version of the compiler and the arguments used if they had to (and the compiler string was removed).

    It's really not very complicated to figure out which language a program is written in.

    --
    Anons need not reply. Questions end with a question mark.
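
Added example (not part of any comment above, and not the method Check Point or the other vendors used): a small static-triage sketch of the heuristics named in comments 4 and 6, extracting strings from a binary and looking for C++ versus Delphi toolchain markers. The marker patterns, the function names `extract_strings` and `guess_language`, and the sample byte strings are assumptions constructed for illustration.

```python
import re

# Marker patterns are illustrative assumptions chosen for this example;
# they are heuristics, not an authoritative signature set.
MARKERS = {
    "c++": {
        "msvc_cpp_stdlib_dll": r"(?i)\bmsvcp\d+d?\.dll\b",
        "msvc_rtti_type_name": r"\.\?A[VU]\S+@@",
        "itanium_mangled_name": r"\b_ZN[\dSK]\w+",
        "gnu_libstdcxx": r"(?i)libstdc\+\+|GLIBCXX_\d",
    },
    "delphi": {
        "borland_rtl_registry_key": r"(?i)SOFTWARE\\Borland\\Delphi",
        "rtl_vcl_class_name": r"\b(?:TObject|TComponent|TForm|TApplication)\b",
        "vendor_name": r"(?i)\b(?:Embarcadero|Borland)\b",
    },
}

def extract_strings(data, min_len=4):
    """Like strings(1): printable ASCII runs plus UTF-16LE runs."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([s.decode("ascii") for s in ascii_runs]
            + [w.decode("utf-16-le") for w in wide_runs])

def guess_language(data):
    """Return (verdict, evidence); verdict is 'unknown' on a tie or no hits."""
    evidence = {lang: set() for lang in MARKERS}
    for s in extract_strings(data):
        for lang, table in MARKERS.items():
            for name, pattern in table.items():
                if re.search(pattern, s):
                    evidence[lang].add(name)
    ranked = sorted(evidence, key=lambda l: len(evidence[l]), reverse=True)
    best, runner_up = ranked[0], ranked[1]
    if len(evidence[best]) == len(evidence[runner_up]):
        return "unknown", evidence
    return best, evidence

# Constructed byte strings standing in for executables (not real samples).
CPP_SAMPLE = (b"MZ\x90\x00\x03\x00MSVCP140.dll\x00\x01\x02"
              b".?AVbad_alloc@std@@\x00\x00.?AVtype_info@@\x00")
DELPHI_SAMPLE = (b"MZP\x00\x02\x00SOFTWARE\\Borland\\Delphi\\RTL\x00\x07TObject"
                 b"\x00\x00" + "Borland".encode("utf-16-le") + b"\x00\x00")
STRIPPED_SAMPLE = b"MZ\x90\x00kernel32.dll\x00\x00ExitProcess\x00"

if __name__ == "__main__":
    for label, blob in [("cpp", CPP_SAMPLE), ("delphi", DELPHI_SAMPLE)]:
        print(label, guess_language(blob))
```

A binary with none of these strings comes back as "unknown", which is where the vtable-layout and code-generation heuristics from comment 6 would take over.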
  7. Translated into sentences by raymorris · · Score: 1

    APK said something interesting, but it sure would be easier to read if this paragraph was broken into sentences:

    See subject: Many disassemblers/hackers of code (for GOOD or BAD purposes) have issues w/ Delphi VCL statically built-in design (separating data from instructions for 1 thing) & it's DEFAULT is statically built programs vs. MARSHALLING (ole type load via GUID) libs external to the program (ala .DLL or .OCX for example) OR std. DLL loads (non-OLE type/oldschool/traditional) & w/ a MSVC++ program, it's interface @ THE VERY LEAST is run by MSVC*#Version.DLL libs (easy to identify) & Delphi's is built as a I said (statically compiled in source libs for all things by default on std. .exe file).

    Even better, easier to read and understand, would be no more than one parenthetical per sentence. Maybe I'll give it a try:
    --
      Many disassemblers/hackers have issues w/ Delphi VCL's statically built-in design. For one thing, separating data from instructions is an issue. Also, by default, it statically links, building the library into the executable. Compare Microsoft MSVC, which by default loads an external DLL file.
    --
     

  8. Israel? by Anonymous Coward · · Score: 1

    I wonder who this could be? What is the only country on earth that has a problem with the Palestinians? Yes. Israel.

    "according to evidence surfaced by Israel-based cyber-security firm Check Point..."

    This is kind of like Israel investigating itself over the Flotilla attacks and the Rachel Corrie murder and finding itself not guilty.

  9. That, sir, was my point by SuperKendall · · Score: 2

    Or maybe their police do exactly what police do in any other country.

    Are you saying the police in ANY other country would sit idly by while masses of "protesters" armed with AK-47's, sent kites loaded with firebombs into the sky with the sole purpose of burning property and hopefully killing a few people?

    I doubt that is true, at all, so I'd say my question stands stronger than ever before. They aren't upholding even the most basic of laws (i.e. randomly setting fire to properties) so what DO they do?

    Maybe try to get Israel to stop continually annexing land

    There are plenty of property disputes in civilized countries not settled by burning the innocent or targeting hospitals with rockets. Which again, these "police" are apparently cool with. Makes me wonder what OTHER "fun" things you could do in Palestine that police in other countries would arrest you for.

    Which all leads me to wonder why on earth you support a group of people as inherently despicable as modern day Palestinians.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:That, sir, was my point by skam240 · · Score: 1

      It's just the worst when victims fight back.

      Don't get me wrong, Hamas and the like are bad people. It's just that Hamas wouldn't exist if it weren't for Israeli zionism.

      --
      I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
  10. Just to be clear by SuperKendall · · Score: 1

    It's just the worst when victims fight back.

    Hey everyone, here's someone who thinks that when you believe you are being annexed unfairly, you should set fire to houses and try to blow up hospitals or crowds of random civilians!

    Again, what police force would agree with you? Why apparently the Palestinian "police force".

    Don't get me wrong, Hamas and the like are bad people. It's just that Hamas wouldn't exist if it weren't for Israeli zionism.

    Bullshit, plenty of people on earth have similar issues and solve them without such extreme violence. Hamas exists because *any* Jews are alive, period. "Zionism" is only a pretext used to kill as many Jews as possible by any means handy.

    I'll let you have the last response as you continue your descent into madness, I wouldn't want to make you really mad as I'm sure you'd find it fair to set fire to my house or slaughter me while I slept simply for disagreeing with you.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  11. So spies are spying? by mapkinase · · Score: 1

    What's next: cops eating donuts, doctors playing golf?

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  12. Nope, sorry by skam240 · · Score: 1

    Hamas spun out of the Muslim Brotherhood in 1987 in direct response to events relating to Israeli occupation of the Palestinian Territories.

    "I'll let you have the last response as you continue your descent into madness, I wouldn't want to make you really mad as I'm sure you'd find it fair to set fire to my house or slaughter me while I slept simply for disagreeing with you."

    Hahaha, what a ridiculous person you are. Now you can tell your Mom you got the last word in on the internet!

    --
    I ignore Anonymous Coward posts. If you want to discuss something, that's awesome. Log in.
  13. Normal by nospam007 · · Score: 1

    It's the last week of the semester for the Israeli Anti-Palestine-Cyber class of 2018.
    It's their final test.

  14. Attack of the cyber delphi palestinian malware by najajomo · · Score: 1

    Just how desperate do you have to be to not mention Micropsia only runs on Microsoft Windows.