Desert Falcons
-
First known sample
2011 -
Discovery
2014 -
Number of targets
3000-10000 -
Current status
Active -
Type
Backdoor , Trojan -
Targeted platforms
Android , Windows -
TOP targeted countries
Egypt , France , Iraq , Israel , Jordan , Kuwait , Lebanon , Mexico , Morocco , Norway , Palestine , Qatar , Russia , Saudi Arabia , South Korea , Sweden , Turkey , USA , United Arab Emirates
-
The way of propagation
Social engineering -
Purpose/Functions
Cyberespionage , Data theft , Surveillance -
Special features
the First Known Arabic Cyber Espionage Group
-
Targets
Academia/Research , Activists , Business individuals , Construction , Critical infrastructure engineering firms , Education , Energy, oil and gas companies , Financial institutions , Government entities , Industrial/machinery , Journalists , Manufacturing , Mass media and TV , Military , Politicians , Private companies , Specific individuals , Trade and commerce -
Artefacts/Attribution
The Desert Falcons team members count around 30, working in three teams and operating mainly from Palestine, Egypt and Turkey.
-
Description
This is believed to be a group of cyber mercenaries carrying out cyber-espionage campaigns in the Middle East. They use a variety of technical and social engineering methods to deliver their infected files; once inside the system, they look for sensitive information that can be used to further their operations or for extortion. Victims range from those representing the military and government, to targets of leading media entities and financial institutions.