New Gaza Cybergang Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign
released on 2020-12-11 @ 05:24:25 PM
The Cybereason Nocturnus Team has identified an active espionage campaign employing three previously unidentified malware variants that use Facebook, Dropbox, Google Docs and Simplenote for command & control and the exfiltration of data from targets across the Middle East.
The Cybereason Nocturnus Team has continued tracking Molerats (aka The Gaza Cybergang), and in recent months detected a new campaign leveraging two previously unidentified backdoors dubbed SharpStage, DropBook, as well as a downloader dubbed MoleNet.