VIRUS DEFINITION
Virus Type: Malware / Espionage Tool
What is Desert Falcons?
Desert Falcons is a group of cybermercenaries operating from the Middle East that uses a set of methods to hide and operate its malware. The group appears to be highly skilled: in addition to proficient social engineering tricks, it has developed the following from scratch:
- Computer systems malware targeting Windows devices
- Mobile malware targeting Android devices
- Infection vectors, including phishing emails, fake websites and fake social networking accounts
Who are the victims of Desert Falcons?
Potential victims were enticed with socio-political news and information, and many succumbed rapidly to malware infection.
The victims targeted include:
- Military and Government
- Newspaper, TV/Radio Channels and Top Media Outlets
- Financial and Trading Institutions
- Research and Education Institutions
- Activists and Political Leaders
- Energy Firms
- Physical Security Companies
Victims of the Desert Falcons are located mainly in the following countries:
- Egypt
- Palestine
- Israel
- Jordan
How do I know if I'm infected or not?
The list of indicators of compromise is available on Securelist.com.
How can I protect myself against the Desert Falcons campaign?
Kaspersky Lab products detect and block all variants of the malware used in this campaign:
- Trojan.Win32.DesertFalcons
- Trojan-Spy.Win32.Agent.cncc
- Trojan-Spy.Win32.Agent.ctcr
- Trojan-Spy.Win32.Agent.ctcv
- Trojan-Spy.Win32.Agent.ctcx
- Trojan-Spy.Win32.Agent.cree
- Trojan-Spy.Win32.Agent.ctbz
- Trojan-Spy.Win32.Agent.comn
- Trojan.Win32.Bazon.a