Targets human rights defenders in North Africa with new malware
released on 2024-04-10 @ 01:12:14 PM
Cisco Talos revealed a novel threat actor dubbed 'Starry Addax' conducting phishing campaigns against individuals affiliated with the Sahrawi Arab Democratic Republic cause, particularly human rights activists in Morocco and Western Sahara. The group utilizes a custom Android malware called 'FlexStarling' masquerading as a legitimate news app to compromise devices and exfiltrate sensitive data. Additionally, Starry Addax employs credential harvesting tactics for Windows targets. This emerging campaign exhibits advanced capabilities and a focus on stealth operations.