Arab Hackers Suspected of Penetrating Israeli Military Network
Government (Foreign) // Israel
The attackers packaged malicious code in emails sent to various military addresses that purported to contain breaking military news, or, in some cases, a clip featuring "Girls of the Israel Defense Forces."
Some of the emails included attachments that lodged so-called backdoors for future illicit access and also deposited modules that could download and run additional programs.
Researchers with security firm Blue Coat Systems Inc., who discovered the campaign, said most of the malware was cobbled together from widely available tools, such as the remote-access Trojan called Poison Ivy.
The hackers were likely working on a budget and did not want to spend money on custom code. Most of their resources seemed to go toward the social engineering, or human trickery, part of the operation.
At least some of the infected emails reached their target, because Blue Coat detected malware "beaconing," or sending signals to the hackers that it was in place.
Military officials said they were "not aware of hacking on IDF operational networks."
Blue Coat suspects the attackers speak Arabic because forensics analysis revealed that was the language setting in one of the programming tools.