SilentSelfie: Revealing a major campaign against Kurdish websites
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A large-scale cyber espionage campaign targeting Kurdish websites was uncovered, involving 25 compromised sites using four variants of malicious scripts. The attacks ranged from simple location tracking to prompting users to install malicious Android apps. Despite lacking sophisticated techniques, the campaign's scale and duration were notable, operating undetected since late 2022. The compromised sites were linked to Kurdish media, political organizations, and the Rojava administration in Syria. A malicious Android app disguised as a news app was also discovered, capable of exfiltrating user data. While attribution remains uncertain, potential actors include Turkish intelligence, Syrian government, or the Kurdistan Regional Government of Iraq.
OPENCTI LABELS :
cyber espionage,watering hole,kurdish,android malware,silentselfie,location tracking,rojava
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
SilentSelfie: Revealing a major campaign against Kurdish websites