It seems that Middle East is fast becoming the primary target for malware authors. First, the region was hit with Flame malware, then with another close variant of it was discovered, and now Palestine and Israel are reportedly being hit with a new Benny Gantz-55 malware.
The malware is named after the Chief of General Staff of Israel, Benny Gantz. It is being distributed in the form of emails sent to different officials as well as common users.
A typical Benny Gantz-55 mail comes with “bennygantz59[at]gmail[dot]com”as the sender’s address and the subject as “IDF strikes militants in Gaza strip following rocket barrage.” If the attachment is opened, it allows the XtremeRat trojan to install itself on the computer.
It is the very same trojan which has been allegedly used in spying on Syrian activists. According to Trend Micro, the new version of the trojan is compatible with Windows 8 and comes with a whole host of new features. It can conveniently grab Firefox and Chrome passwords and is also able to capture audio recording on a machine.
To counter this new wave of cyber attacks, Israeli authorities have banned the police from connecting their machines to the internet. Moreover, police officials are also not allowed to connect their memory sticks or USB drives with their computers any more, since USB sticks are a major source of spreading malware.
So far, it could not be determined where the emails have originated from and who are the authors of the malware. Some have implied that it may be the work of Iran, but nothing definite can be said of this new malware as of now.
Source: Trend Micro
Courtesy: The Hacker News