Keep Calm and Don’t Enable Macros or JavaScript
This report describes a campaign of targeted spyware attacks carried out from 2012 until the present, against Emirati journalists, activists, and dissidents. The campaign was discovered when an individual mail from an apparently fictitious organization called “The Right to Fight” contacted Rori Donaghy.
Donaghy, a UK-based journalist and founder of the Emirates Center for Human Rights, received a spyware-laden email in November 2015, purporting to offer him a position on a human rights panel. Donaghy has written critically of the United Arab Emirates (UAE) government in the past, and had recently published a series of articles based on leaked emails involving members of the UAE government.
CitizenLab in the meantime found 31 public tweets sent by Stealth Falcon, 30 of which were directly targeted at one of 27 victims. Of the 27 targets, 24 were obviously linked to the UAE, based on their profile information (e.g., photos, “UAE” in account name, location), and at least six targets appeared to be operated by people who were arrested, sought for arrest, or convicted in absentia by the UAE government, in relation to their Twitter activity.
The attacks are working like this:
Donaghy was suspicious of the email, and forwarded it to CitizenLab for analysis. They found that the link in the email ( loaded a page containing a redirect to the website of Al Jazeera. Before completing the redirect, it invoked JavaScript to profile the target’s computer.
By chance, the attachment was identified as malicious and blocked by a program running in Donaghy’s email account. An analysis showed that it links to an image that claims that “This Document Is Secured” and requests that the user “Please enable macros to continue.”
The image attempts to execute code on the recipient’s computer, using a macro.
Read more and find the technical background here
All articles about
- Cyberwar,
- Geheimdienste,
- Hacking, ,
- Trojaner,
- Cookies,
- Verschlüsselung,
- Todesstrafe,
- Hinrichtungen,
- Zensur,
- Informationsfreiheit,
- Anonymisierung,
- Meinungsmonopol,
- Meinungsfreiheit,
- Pressefreiheit,
- Menschenrechte,
Category[21]: Unsere Themen in der Presse Short-Link to this page:
Link to this page:
Link with Tor:
Tags: #Cyberwar #UAE #VereinigteArabischeEmirate #Malware #Journalisten #Geheimdienste #Hacking #Trojaner #Cookies #Verschluesselung #Todesstrafe #Hinrichtungen #Zensur #Informationsfreiheit #Anonymisierung #Meinungsmonopol #Meinungsfreiheit #Pressefreiheit #Menschenrechte
Created: 2016-05-30 07:30:30
Kommentar abgeben