Date: 2023-10-09

A Gaza-based hacker has been linked to a series of targeted cyberattacks against several Israeli private sector organizations in energy, defense and telecommunications.

Microsoft, which revealed details about the activity in its fourth annual Digital Defense report (Microsoft Digital Defense Report 2023), is tracking the campaign and has named this anonymous actor (or perhaps anonymous group from Gaza) Storm-1133.

What Microsoft says about the hacker attack on Israel from Gaza

“We assess that this group works to advance the interests of Hamas, a Sunni militant group that is the de facto authority controlling the Gaza Strip, as the activity attributed to it primarily affected organizations considered hostile to Hamas,” the company said.

The targets of the hacking campaign included organizations in the Israeli energy and defense sectors and entities loyal to Fatah, a Palestinian nationalist and social democratic political party based in the West Bank region.

The various series of attacks involve a combination of social engineering and fake profiles on LinkedIn that masquerade as Israeli human resources managers, project coordinators, and software developers to contact and send phishing messages, conduct reconnaissance, and deliver malware to employees of Israeli organizations.

Microsoft also noted that the Gaza hacker called Storm-1133 sought to infiltrate third-party organizations with public ties to Israeli targets of interest.

These intrusions are designed to deploy backdoors, along with a configuration that allows the group to dynamically update the command-and-control (C2) infrastructure hosted on Google Drive.

“This technique allows operators to stay one step ahead of certain defenses based on static networks,” the Redmond company said.

The disclosure coincides with a resurgence of the Israeli-Palestinian conflict, which was accompanied by an increase in malicious hacktivist operations, such as Ghosts of Palestine, which aim to bring down government websites and computer systems in Israel, the United States and India.

“There have been approximately 70 incidents where Asian hacktivist groups are actively targeting nations like Israel, India and even France, mainly due to their alliance with the United States,” Falconfeeds.io said in a post shared on X (formerly known as “Twitter”).

The development also comes as threats have moved from destructive operations to long-term espionage campaigns, with the United States, Ukraine, Israel and South Korea emerging as some of the most targeted nations in Europe, the Middle East and North Africa (MENA), and Asia-Pacific regions.

“Iranian and North Korean state perpetrators are demonstrating increased sophistication in their cyber operations, in some cases getting closer to cybercriminals in nations like Russia and China,” the Redmond tech giant said.

This evolution of tradecraft is evidenced by the recurring use of custom tools and backdoors, such as MischiefTut by Mint Sandstorm (also known as Charming Kitten), to facilitate persistence, evasion of detection, and credential theft.

Conclusion

The fact that this happens in Gaza does not necessarily mean that it cannot affect our country more or less indirectly, and unfortunately, Italy is not exactly an ace in cybersecurity matters.

If the organizations of the various states are not prepared, we and private companies (such as electricity, gas, etc.) must also prepare ourselves in part; they would necessarily have to hire really competent people in the IT field.