Arid Viper Hacking Group using updated Malware

The Arid Viper hacking group has been identified as the culprit behind a recent wave of cyber attacks in the Middle East. The group is known for its sophisticated attacks on government and military targets in the region. According to cybersecurity experts, the group has recently developed upgraded malware that is being used in these attacks.

Upgraded Malware

The upgraded malware, known as “Snakebite,” is a highly advanced tool that allows the hackers to gain access to sensitive information and communications. The malware is designed to evade detection by traditional antivirus software and can remain undetected for months. Once the hackers gain access to a system, they can steal data, monitor communications, and even take control of the system.

Victims

The countries that have been targeted in these attacks include Saudi Arabia, the United Arab Emirates, and Qatar. The attacks have targeted government agencies, military organizations, and critical infrastructure. The hackers are believed to be seeking sensitive information that could be used for espionage or to disrupt the operations of these organizations.

Culprit

The Arid Viper hacking group is known for its ties to the Iranian government. The group is believed to be operating out of Iran and has been active since at least 2014. The group has been linked to several high-profile attacks in the region, including attacks on Saudi Aramco and the Qatar National Bank.

In conclusion, the Arid Viper hacking group is using upgraded malware called “Snakebite” to target government and military organizations in the Middle East. The group is seeking sensitive information that could be used for espionage or to disrupt the operations of these organizations. The group is believed to be operating out of Iran and has ties to the Iranian government. Cybersecurity experts are urging organizations in the region to take steps to protect themselves from these attacks.

Recent Developments

The hacking group known as Arid Viper has been observed using updated versions of its malware toolkit in attacks targeting Palestinian entities since September 2022. Symantec, tracking the group under its insect-themed moniker Mantis, reports that the group is skilled at maintaining a persistent presence on its targets’ networks. Arid Viper and Micropsia are among the most recent malware types it has used to breach targets, steal credentials, and exfiltrate stolen data. Mantis has been linked to attacks in the Middle East and Palestine since at least 2014, and has been found to use homemade malware tools under different insect-themed names, such as ViperRat, FrozenCell, and Micropsia. The group is thought to be made up of native Arabic speakers located in Palestine, Egypt, and Turkey, and has previously been linked to the cyber warfare division of Hamas.

The group typically uses spear-phishing emails and fake social credentials to deliver their malware to targets. They have demonstrated a high level of determination, evidenced by their extensive malware rewriting and their decision to compartmentalize attacks against single organizations into multiple separate strands to reduce the chances of detection. Symantec warns that Arid Viper and Mantis pose a significant threat and urges organizations to take precautionary measures, such as using multi-factor authentication, investing in endpoint security, and providing regular employee training on recognizing and avoiding phishing attacks. It is important to remain vigilant and stay informed about evolving threats as digital adversaries continue to evolve their methods and tools.
