Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific
Houthi-Backed Spyware Effort Targets Yemen Aid Workers
Pro-Houthi OilAlpha uses spoofed Android apps to monitor victims across the Arab peninsula working to bring stability to Yemen.
An ongoing spyware campaign is targeting attendees of Saudi government-led negotiations on Yemen, along with humanitarian and reconstruction aid workers working toward Yemeni stability on behalf of the pro-Houthi movement.
Insikt Group researchers has been monitoring the activities of threat group OilAlpha since May 2022, which they reported has been using messenger applications like WhatsApp to social engineer targets into downloading a malicious Android application. The app comes loaded with remote access Trojans (RATs) like SpyNore and SpyMax, the researchers said.
Tellingly, OilAlpha uses infrastructure that the Insikt Group traced back to the Public Telecommunication Corporation (PTC), a business owned by the government of Yemen, and under the control of Houthi-aligned officials, the report added.
"The group's operations have reportedly included targeting persons attending Saudi Arabian government-led negotiations; coupled with the use of spoofed Android applications mimicking entities tied to the Saudi Arabian government, and a UAE humanitarian organization (among others)," the report said. "As of this writing, we suspect that the attackers targeted individuals the Houthis wanted direct access to."
Read more about:
DR Global Middle East & AfricaAbout the Author
You May Also Like
How to Evaluate Hybrid-Cloud Network Policies and Enhance Security
September 18, 2024DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations
September 26, 2024Harnessing the Power of Automation to Boost Enterprise Cybersecurity
October 3, 202410 Emerging Vulnerabilities Every Enterprise Should Know
October 30, 2024
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024