Cyber attacks on Israel traced to Gaza: researchers

A series of cyber attacks against Israel since mid-2013 appears to be coming from “Arab parties located in the Gaza Strip” and elsewhere, U.S. security researchers say. A research report by Trend Micro said the effort appears to be using “spear phishing” emails with an attachment disguised as a pornographic video. When a user clicks on the attachment, it installs malware that allows for remote access of documents on the infected computer, the report said. The researchers said in a report released Sunday that this highly targeted campaign dubbed “Arid Viper” is a sort of “smash-and-grab” first seen in the middle of 2013, and which uses network infrastructure located in Germany.

On one hand, we have a sophisticated targeted attack, and on the other a less skilled attack that has all the hallmarks of beginner hackers. So why would these groups be working together?

Trend Micro said in a blog post

The security firm said those behind the scheme are using sophisticated methods with the goal of stealing sensitive data from Israeli-based organizations — government, transport, military and academia and one organization based in Kuwait. A similar campaign which uses some of the same techniques and infrastructure has also been hitting targets in Egypt. This less sophisticated effort has been called Operation Advtravel by Trend Micro. The researchers said both campaigns are hosted on the same servers in Germany and can be tied back to activity from Gaza.