Researchers have detected a hacking operation named Chafer. This operation is taking advantage of new tools – including the EternalBlue NSA exploit that was used last year in WannaCry and NotPetya – to attack companies across the Middle East for surveillance and intelligence gathering.
Targets are mostly working in telecoms and transport, in total, Chafer has deployed seven new tools, in the Middle Eastern affecting countries like Israel, Jordan, the United Arab Emirates, Saudi Arabia, and Turkey.
Researchers also found that Chafer has carried out unsuccessful cyber attacks against an African airline. The cyber attacks were ineffective against the African airline thanks to the robust cybersecurity solution implemented in their systems. In this case, the presence of antivirus for Windows or antivirus for Mac, depending on which OS their devices used was the cybersecurity solution that kept the cybercriminals away from company’s network and data.
Our cybersecurity experts say that the goal of this attack was mass surveillance of end-users.
Chafer used new tactics to cyber attack targets: spear-phishing emails sent to individuals in targeted companies.
Every mail contained an Excel spreadsheet attachment that, when is open, would download a malicious VBS file which will run a PowerShell script that will deliver the final payload.
This payload puts unprotected systems to their knees because every system that doesn’t have a reliable cybersecurity solution installed will be prone to additional cybersecurity problems like information theft one trough coping contents of the clipboard, taking screenshots, recording keystrokes and secretly stealing files and user credentials.
This malware installs other hacking tools like the EternalBlue exploit to spread the infection across the entire infected network.
It is essential for everybody to understand the fact that nowadays strong and good cybersecurity is part of any business success or individual user privacy. Don’t underestimate the power of cybercriminals or the power of cybersecurity solutions, remember that every company and the individual should protect their systems with an antivirus for Windows or antivirus for Mac depending on which OS their devices use.