View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
February 26, 2015

Arab hackers go running after Trend Micro report

Social media goes quiet, but attackers keep hacking.

By Jimmy Nicholls

Arab hackers in Egypt and Palestine seem to have gone underground after a report surfaced on their activities by security vendor Trend Micro.

Various social media accounts belonging to Ebrahim Said El-Sharawy, alias DevHima, were shut down or altered in the wake of the report, which connected him to command and control (C&C) servers used to send instructions as part of Operation Arid Viper.

Despite the concealment the campaign appears to be going ahead as planned, with only minor alterations to the playbook.

"None of the C&C domains have moved to other hosting providers or had other major changes since the publishing of our report," Trend Micro wrote on its blog.

"Although we have not seen newly compiled samples being spread – we have seen two recent attempted infections with existing binaries from Arid Viper on the 15th and 19th of February against a target in Israel and Kuwait respectively."

Since the publishing evidence has also emerged that a Gmail account belonging to Khalid Samraa was merely used to register a web domain on behalf of one of the hackers, and did not indicate Samraa’s involvement in the campaign.

A Facebook account for Fathy Mostafa, who has also been linked by the company to C&C servers, has also been closed, with Trend Micro believing it was a response to the public disclosure of the campaign.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.