Researchers at Cybereason say that hackers associated with Hamas have been phishing rivals in the Palestinian Authority. The lure is an attached PDF that carries a backdoor installer. There are two distinct campaigns in progress. The first deploys the Spark backdoor, a known threat for the past year. The other installs a hitherto unremarked backdoor Cybereason calls “Pierogi.” The campaigns show certain similarities with those run by the MoleRATs since 2012.
With the US and Iran on mutually high alert in cyberspace, FireEye provides an overview of Iranian cyber capabilities.
A US Government Accountability Office warning about indifferent preparation for the 2020 US census, and its possible vulnerability to both hacking and disinformation, has the US House concerned, Federal News Network reports, that the census will become the Iowa Democratic caucus writ large.
Researchers at MIT conclude that Voatz, a mobile voting application that’s been adopted in some US jurisdictions, is vulnerable to attackers wishing to “alter, stop, or expose a user’s vote.” Voatz strongly objects to the research, saying it used an old version of its product. MIT researchers, ZDNet says, maintain that the version they used was still available on Google Play.
IBM X-Force researchers looked into sextortion campaigns and found that Emotet spam has eclipsed Necurs in its intake of ransom. There are two reasons for this. Emotet tends to hit victims through their work email (Necurs affected mostly webmail accounts). And Emotet users charge their marks in Bitcoin, not the less valuable Dashcoin Necurs-using hoods favor.