The Desert Falcons
Virus Type: Malware / Espionage Tool
What is Desert Falcons?
Desert Falcons is a group of cybermercenaries operating from the Middle East and using a set of methods to hide and operate malware. The cybercriminals appear to be highly skilled: in addition to proficient social engineering tricks, they have developed the following from scratch:
- Computer systems malware targeting Windows devices
- Mobile malware targeting Android devices
- Infection vectors, including phishing emails, fake websites and fake social networking accounts
Who are the victims of Desert Falcons?
Potential victims were enticed with socio-political news and information, and many succumbed rapidly to malware infection.
The victims targeted include:
- Military and Government
- Newspaper, TV/Radio Channels and Top Media Outlets
- Financial and Trading Institutions
- Research and Education Institutions
- Activists and Political Leaders
- Energy Firms
- Physical Security Companies
Victims of the Desert Falcons are located mainly in the following countries:
How do I know if I'm infected or not?
The list of indicators of compromise is available on Securelist.com
How can I protect myself against the Desert Falcons campaign?
Kaspersky Lab products detect and block all variants of the malware used in this campaign: