VIRUS DEFINITION

Virus Type: Malware / Espionage Tool

What is Desert Falcons?

Desert Falcons is a group of cybermercenaries operating from the Middle East and using a set of methods to hide and operate malware. The cybercriminals appear to be highly skilled: in addition to proficient social engineering tricks, they have developed the following from scratch:

  • Computer systems malware targeting Windows devices
  • Mobile malware targeting Android devices
  • Infection vectors, including phishing emails, fake websites and fake social networking accounts

Who are the victims of Desert Falcons?

Potential victims were enticed with socio-political news and information, and many succumbed rapidly to malware infection.

The victims targeted include:

  • Military and Government
  • Newspaper, TV/Radio Channels and Top Media Outlets
  • Financial and Trading Institutions
  • Research and Education Institutions
  • Activists and Political Leaders
  • Energy Firms
  • Physical Security Companies

Victims of the Desert Falcons are located mainly in the following countries:

  • Egypt
  • Palestine
  • Israel
  • Jordan

How do I know if I'm infected or not?

The list of indicators of compromise is available on Securelist.com

How can I protect myself against the Desert Falcons campaign?

Kaspersky Lab products detect and block all variants of the malware used in this campaign:

Trojan.Win32.DesertFalcons
Trojan-Spy.Win32.Agent.cncc
Trojan-Spy.Win32.Agent.ctcr
Trojan-Spy.Win32.Agent.ctcv
Trojan-Spy.Win32.Agent.ctcx
Trojan-Spy.Win32.Agent.cree
Trojan-Spy.Win32.Agent.ctbz
Trojan-Spy.Win32.Agent.comn
Trojan.Win32.Bazon.a

Vi använder cookies för att förbättra din upplevelse av våra webbplatser. Genom att använda och fortsätta navigera på den här webbplatsen godkänner du detta. Om du vill ha mer information om användning av cookies på den här webbplatsen klickar du på Mer information.

Godkänn och stäng