In contemporary conflicts the use of malware it has now become a habit.
In the current war in Palestine, one of the most famous and feared groups of hackers is the Gaza Cyber Gang, responsible for several operations already in the years preceding the outbreak of the conflict. One of the malware managed by the collective is la backdoor known as Pierogi of which, just in recent days, SentinelOne has identified a new and fearsome version.
We are talking about Pierogi++a malicious agent that differs from the previous version in that it was created in C++. This is no small innovation, given that its predecessor was built across Delphi e Pascal.
As reported by Aleksandar Milenkoski in a shared relationship with The Hacker Newsthe Gaza Cyber Gang’s operations have not changed much compared to the pre-war period, with the first malware operations dating back to 2012. Recently, hackers have hit the headlines for spreading malware IronWind.
Gaza Cyber Gang and Pierogi++: Cybercriminals’ goal is focused on espionage
The group in question, according to data obtained by researchers, mainly works with attacks spear-phishing, exploiting a large number of different malware. In this sense, Pierogi++ represents only the latest threat proposed by cybercriminals.
The backdoor in question, contrary to what one might think, however, attacks Palestinian entities not aligned with the ideologies of Hamas. Apparently, Pierogi++ appears to be the main vector exploited to spread bait-documentswritten in Arabic or English, related to political issues that may attract the attention of potential victims.
Second Cybereasonwhich in 2020 was able to analyze the previous version of the malware, this type of malicious agent focuses on data theft and the more generic espionage. Just like Pierogi, its C++ version can too take screenshots and perform various remote commands.