Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Skype Chats Compromised Syrian Rebels: Researchers

Washington – Syrian opposition groups lost critical information when its members fell victim to a “femme fatale” scheme using Skype chats that injected computers and phones with malware, researchers said Monday.

Washington – Syrian opposition groups lost critical information when its members fell victim to a “femme fatale” scheme using Skype chats that injected computers and phones with malware, researchers said Monday.

The security firm FireEye said it uncovered the hacking scheme that stole tactical battle plans, geographical coordinates, information on weapons and other key data in a period from November 2013 to January 2014, and possibly longer.

The hackers lured victims into online chats with attractive female avatars, eventually delivering a malware-laden photo, that allowed the operators of the scheme to steal “scores of documents that shed valuable insight into military operations planned against President (Bashar al) Assad’s forces,” FireEye said in a report.

“Sometimes, the threat group would take whole sets of files pertaining to upcoming large-scale military operations. These included correspondence, rosters, annotated satellite images, battle maps, orders of battle, geographic coordinates for attacks, and lists of weapons from a range of fighting groups.”

The group asked its targets about the device they used — computer or Android phone — probably to deploy malware specifically tailored to that device, FireEye said.

In addition to the military and political documents stolen, the group also accessed the Skype databases of the victims to get contacts and real time communications, “providing the threat actors with an inside view into the opposition’s relationships and plans.”

FireEye said it lacked sufficient information to determine the identity of the hackers or their ties to Assad’s forces, but noted that “we have some indications that the group may be resourced and/or located outside of Syria.”

“We found the activity focused on the Syrian opposition that shows another innovative way threat groups have found to gain the advantage they seek,” said Nart Villeneuve, a researcher at FireEye.

Advertisement. Scroll to continue reading.

“While we cannot positively identify who is behind these attacks, we know that they used social media to infiltrate victims’ machines and steal military information that would provide an advantage to President Assad’s forces on the battlefield.”

Related: Threat Group Targets Strategy, Battle Plans of Syrian Opposition

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...