A report on CNBC outlines the lengths hackers in Syria are going to obtain intelligence on Syrian opposition fighters. Using attractive female avatars on Skype, groups were able to steal battle plans of the Syrian opposition.
Everything was up for grabs once the malware was installed. Military plans on computers, identification cards of refugees in Turkey and the political structures of the groups.
The basics of the attack reads like a catfish episode. A skype user with a female persona would strike up a conversation with an opposition fighter. An innocuous question about the type of device they were using would set the stage for the type of attacks.
From there, the ‘female’ persona would flirt with the fighter, sending him a personal photograph. Once the target opened it, the malware infected image would steal the data.
How much data? 7.7 gigabytes were stolen, over 21,000 Skype conversations, 12,000 contacts and over a quarter of a million messages. At this point, the fighters should have just given the hackers credentials for a dropbox account. It would have been less ridiculous.
To add to the ruse, each female skype persona had a Facebook profile that seemed pro-opposition. All the links posted were just as malicious as the photographs and designed to capture information.
FireEye discovered the attacks, and outline what one might look like.
What is unknown is if the group is still active, or if opposition fighters have wised up to the tactics.
“Whether they are still active and have moved to another platform to disguise themselves and remain ahead of other militaries or law enforcement, who knows?”
FireEye says this is the first time a group targeting Syrian opposition groups have been using Android based malware. It furthers security concerns globally that 2015 will be a mobile security battleground.
I guess buy an iPhone? I kid. It shows that if you don’t know a person, don’t click on a link you’ve never heard of. Same goes for the model-esque woman you’ve never met.