Palestinian threat actor, MoleRats, may have been the mastermind of the latest e-mail campaign targeted by Middle Eastern governments, foreign officials and a state-owned airline with a new intelligence Trojan called NimbleMamba, researchers said.
Proofpoint researchers say they have seen a criminal operation to steal sensitive information using multiple vectors since November who believe the activity of TA402, better known as MoleRats and linked to Palestinian Territories, according to a report posted online Tuesday. The campaign uses a variety of criminal practices to steal sensitive information and incorporates tactics not only to prevent detection but also to ensure that its core computer malware attacks only target specific targets, Proofpoint researchers wrote in the report. Another attack seen by the group also brought a second load, a Trojan called BrittleBush.
Read More: https://threatpost.com/molerats-apt-trojan-cyberespionage-campaign/178305/