Desert Falcons

  • First known sample

    2011
  • Discovery

    2014
  • Number of targets

    3000-10000
  • Current status

    Active
  • Type

    Backdoor, Trojan
  • Targeted platforms

    Android, Windows
  • TOP targeted countries

    Egypt, France, Iraq, Israel, Jordan, Kuwait, Lebanon, Mexico, Morocco, Norway, Palestine, Qatar, Russia, Saudi Arabia, South Korea, Sweden, Turkey, USA, United Arab Emirates
  • The way of propagation

    Social engineering
  • Purpose/Functions

    Cyberespionage, Data theft, Surveillance
  • Special features
    The first known Arabic cyber-espionage group
  • Targets

    Academia/Research, Activists, Business individuals, Construction, Critical infrastructure engineering firms, Education, Energy, oil and gas companies, Financial institutions, Government entities, Industrial/machinery, Journalists, Manufacturing, Mass media and TV, Military, Politicians, Private companies, Specific individuals, Trade and commerce
  • Artefacts/Attribution
    The Desert Falcons group has around 30 members, working in three teams and operating mainly from Palestine, Egypt and Turkey.
  • Description

    This is believed to be a group of cyber mercenaries carrying out cyber-espionage campaigns in the Middle East. They use a variety of technical and social engineering methods to deliver their infected files; once inside the system, they look for sensitive information that can be used to further their operations or for extortion. Victims range from those representing the military and government, to targets of leading media entities and financial institutions.
