A report by Israeli intelligence-linked cybersecurity company Cybereason has uncovered evidence of what the company says are two separate cyber warfare operations by Hamas against the Fatah-led Palestinian Authority.
According to the report, the cyberattacks are targeting PA officials and organizations, and include attempts to hack officials’ phones, transmit stolen data and take control of microphones and cameras to spy on their adversaries.
Cybereason attributes the attacks to the ‘MoleRATs’, also known as ‘The Gaza Cybergang’, which it says is a Hamas-linked cyberwarfare unit operating in the region since 2012.
The group reportedly targets its victims via at least two separate operations, including the ‘Spark Campaign’ – in which hackers send phishing emails on topics like President Trump’s recent “Deal of the Century”, tensions between Hamas and the Egyptian government, the US drone strike assassination of Iranian General Qasem Soleimani, and the historic rivalry between Hamas and Fatah.
Malicious files contained in the emails urge targets to download additional dummy archive files, which contain an executable that allows hackers to take control of the device.
The second operation, known as ‘The Pierogi Campaign’, is a curious, newly discovered effort using decoy malicious files to create a backdoor. The program, nicknamed after the delicious Ukrainian dumpling dish, makes use of the Ukrainian language and is thought to have fallen into Hamas’s hands via the dark web.
Fatah, which controls the Palestine Liberation Organization (PLO) and the Palestinian Authority, governs parts of the West Bank. Hamas took control of the Gaza Strip from Fatah in 2007, through a bloody civil war.
The last Palestinian elections were held in 2006.