Man
Professional
- Messages
- 3,085
- Reaction score
- 623
- Points
- 113
Silent observation is being replaced by loud destructive campaigns.
Hamas-affiliated hackers have expanded the scope of their digital attacks beyond cyber espionage and moved to conduct devastating malicious campaigns against Israeli organizations. The group, known as WIRTE, has also affected the Palestinian Authority, Jordan, Iraq, Saudi Arabia and Egypt, according to a recent report by Check Point.
Despite the conflict between Israel and Hamas, WIRTE's activity has not ceased – they continue to use current events to spy and attack Israeli targets. In recent months, hackers have carried out at least two waves of devastating attacks against Israeli organizations.
The WIRTE group, which has been operating since August 2018, is part of the so-called "Gaza Cyber Gang" (also known as Molerats and TA402). This group uses various malicious tools, such as BarbWire, IronWind, and Pierogi, to attack countries in the Middle East.
Experts note that hackers are actively using the tension in the region to send malicious archives with the IronWind loader and the Havoc framework. In October 2024, a phishing campaign against Israeli hospitals and municipalities was revealed. The messages were sent from an address associated with ESET's partner in Israel and contained an updated version of the SameCoin Wiper ransomware.
This malware is capable of destroying files and changing the desktop background to an image with the symbols of Hamas' military wing, the Al-Qassam Brigades. Previously, the wiper was used to sabotage Windows and Android devices by disguising themselves as security updates.
Hackers continue to actively develop their arsenal of tools, including spyware, backdoors, and phishing pages, which allows them to combine espionage with devastating attacks on infrastructure.
Source
Hamas-affiliated hackers have expanded the scope of their digital attacks beyond cyber espionage and moved to conduct devastating malicious campaigns against Israeli organizations. The group, known as WIRTE, has also affected the Palestinian Authority, Jordan, Iraq, Saudi Arabia and Egypt, according to a recent report by Check Point.
Despite the conflict between Israel and Hamas, WIRTE's activity has not ceased – they continue to use current events to spy and attack Israeli targets. In recent months, hackers have carried out at least two waves of devastating attacks against Israeli organizations.
The WIRTE group, which has been operating since August 2018, is part of the so-called "Gaza Cyber Gang" (also known as Molerats and TA402). This group uses various malicious tools, such as BarbWire, IronWind, and Pierogi, to attack countries in the Middle East.
Experts note that hackers are actively using the tension in the region to send malicious archives with the IronWind loader and the Havoc framework. In October 2024, a phishing campaign against Israeli hospitals and municipalities was revealed. The messages were sent from an address associated with ESET's partner in Israel and contained an updated version of the SameCoin Wiper ransomware.
This malware is capable of destroying files and changing the desktop background to an image with the symbols of Hamas' military wing, the Al-Qassam Brigades. Previously, the wiper was used to sabotage Windows and Android devices by disguising themselves as security updates.
Hackers continue to actively develop their arsenal of tools, including spyware, backdoors, and phishing pages, which allows them to combine espionage with devastating attacks on infrastructure.
Source
