According to researchers, the hackers were able to
successfully establish a widespread cyber espionage campaign
by compromising dozens of mobile devices from Samsung, HTC,
LG and Huawei belonging to over 100 Israeli soldiers.
Besides, almost 9,000 files stolen from compromised devices (roughly 97 percent) that were exfiltrated from compromised devices were identified by Lookout researchers as being highly encrypted images, which were taken using the device camera.
However, it's likely the IDF is not the only target.
The ViperRAT attack campaign started in July and continued to date, according to Kaspersky researchers.
The IDF closely worked with Kaspersky Labs and Lookout to investigate this incident and theorized that Hamas was behind these attacks. However, Lookout researchers have come to doubt that theory.
According to Lookout researchers, "Based on tradecraft, the modular structure of code and use of cryptographic protocols [AES and RSA encryption] the actor appears to be quite sophisticated."
Researchers say Hamas is not known for sophisticated mobile capabilities, which makes it unlikely they are directly responsible for ViperRAT.
The IDF is currently working together with both Lookout and Kaspersky to identify infected targets and protect against further attacks, but there is one simple way to protect against ViperRAT: don't download apps from untrusted third-party sources.
Besides, almost 9,000 files stolen from compromised devices (roughly 97 percent) that were exfiltrated from compromised devices were identified by Lookout researchers as being highly encrypted images, which were taken using the device camera.
However, it's likely the IDF is not the only target.
The ViperRAT attack campaign started in July and continued to date, according to Kaspersky researchers.
Is Hamas Behind the Cyber-Spying Operation?
The IDF closely worked with Kaspersky Labs and Lookout to investigate this incident and theorized that Hamas was behind these attacks. However, Lookout researchers have come to doubt that theory.
According to Lookout researchers, "Based on tradecraft, the modular structure of code and use of cryptographic protocols [AES and RSA encryption] the actor appears to be quite sophisticated."
Researchers say Hamas is not known for sophisticated mobile capabilities, which makes it unlikely they are directly responsible for ViperRAT.
The IDF is currently working together with both Lookout and Kaspersky to identify infected targets and protect against further attacks, but there is one simple way to protect against ViperRAT: don't download apps from untrusted third-party sources.