
Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.
Houthi-Backed Spyware Effort Targets Yemen Aid WorkersHouthi-Backed Spyware Effort Targets Yemen Aid Workers
Pro-Houthi OilAlpha uses spoofed Android apps to monitor victims across the Arab peninsula working to bring stability to Yemen.
May 17, 2023

An ongoing spyware campaign is targeting attendees of Saudi government-led negotiations on Yemen, along with humanitarian and reconstruction aid workers working toward Yemeni stability on behalf of the pro-Houthi movement.
Insikt Group researchers has been monitoring the activities of threat group OilAlpha since May 2022, which they reported has been using messenger applications like WhatsApp to social engineer targets into downloading a malicious Android application. The app comes loaded with remote access Trojans (RATs) like SpyNore and SpyMax, the researchers said.
Tellingly, OilAlpha uses infrastructure that the Insikt Group traced back to the Public Telecommunication Corporation (PTC), a business owned by the government of Yemen, and under the control of Houthi-aligned officials, the report added.
"The group's operations have reportedly included targeting persons attending Saudi Arabian government-led negotiations; coupled with the use of spoofed Android applications mimicking entities tied to the Saudi Arabian government, and a UAE humanitarian organization (among others)," the report said. "As of this writing, we suspect that the attackers targeted individuals the Houthis wanted direct access to."
Read more about:
DR Global Middle East & AfricaAbout the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023