The Tech Herald

Syrian activists targeted by Phishing campaigns and malware

by Steve Ragan - Mar 16 2012, 13:00

Syrian activists targeted by Phishing campaigns and malware.(IMG:J.Anderson)

Activists in Syria were targeted by a Phishing scheme recently, via a false YouTube page, which targeted usernames and passwords in addition to pushing malware. It’s believed that the attackers were pro-government, if not part of the regime itself.

The EFF reported on Thursday that the Phishing page, which has been taken down, targeted Syrian activists searching for current information and related news. The page itself replicated YouTube, and required that the visitor enter in their YouTube username and password in order to leave comments.

Video viewing on the page presented the user with an update to Adobe Flash Player, which if installed allows attackers from a Syrian IP to push additional malware onto the system.

Last week, the EFF also reported on the discovery of XtremeRAT. The Trojan spreads via email and chat messages, and was discovered on systems used by Syrian activists. It has the ability to capture webcam activity, record keystrokes, password sniffing and more. In addition, XtremeRAT can disable notifications from some AV vendors. Any information collected was sent to a server using a Syrian IP.

According to Reporters Without Borders, Syria already had a strong censorship stance on the Internet before the revolution started in 2011, but it has only gotten worse.

Skype and Mumble are the two of the more popular methods activists use to share news and show the world images from a nation on the brink of civil war. So the discovery of XtremeRAT was both shocking and expected. Those familiar with the state of the Web in Syria knew it wouldn’t be long before Assad’s regime expanded their monitoring and censorship efforts.

“EFF is deeply concerned about this pattern of pro-government malware targeting online activists in authoritarian regimes. We will continue to keep a close eye on future developments in this area,” the organization said in a blog post.

Around the Web

Comment on this Story

comments powered by Disqus

From Autosaur.com

Chevrolet shows off the 2015 Colorado with digital experience

Chevrolet has launched a new website to show buyers all the bells and whistles available on ...

Mazda to debut CX-3 and MX-5 at Los Angeles Auto Show

Mazda has announced plans to premiere the new Mazda CX 3, its new compact crossover SUV, at ...

Ford issues safety recall for 204,448 Ford Edge and Lincoln MKX

Ford has issued a safety recall for 204,448 of the 2007-2008 Ford Edge and Lincoln MKX in No...

Mopar Previews SEMA Custom Rides

We have added a set of pictures released by Mopar ahead of the SEMA Show. Mopar are bri...

Audi R8 Competition – The Most Powerful Production Audi Ever

Audi has revealed details of their new super-fast Audi R8 Competititon — the most powerful a...