Government-sponsored attackers are using Google Drive, Dropbox and other legitimate resources to spy on Middle Eastern targets and extract data.
Cruel files compiled to look like official Israeli-Palestinian conflict-related content are used to identify prominent Palestinian people, as well as activists and journalists in Turkey, through spyware.
That is according to a statement from Zscaler, who said the cyberattack attack was caused by an ongoing MoleRats threat (APT). A team of Zscaler researchers was able to bring the MoleRats, an Arabic-speaking group with a history of identifying Palestinian interests, into the campaign due to the accumulation of .NET payload and command-and-control (C2) and previous attacks by the MoleRats APT. The campaign started last July, reports Zscaler.