Trend Micro recently announced a new research paper that covers two malware threats based in the Middle East, using servers in Germany. Trend Micro deduced that the two malware threats, Operation Arid Viper and Operation Adtravel, are connected to the same organization, and that both are part of the cyberattack conflict in the Gaza region.
To begin, Operation Arid Viper, which was first found in mid-2013, is a sophisticated piece of malware that disguises itself as a video attachment to an email. Once the target opens the file, the malware goes to work in a “smash and grab” to extract files. This particular piece of malware targets high-level Israeli officials.
On the other side is Operation Adtravel, a much less sophisticated piece of malware that targets personal laptops. This particular malware has been traced to Egypt and has attacked hundreds of people in that region.
Though these two malware threats seem very different, Trend Micro has found that they are both hosted on the same server in Germany, and they are both registered to the same individuals. According to Trend Micro reps, this is indicative of a single organization using many types of malware to wage cyberattacks in the Middle East.
You can view the full report at: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-arid-viper.pdf