Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.
Latest posts by Esme Greene (see all)
- “Ducktail” Hackers Target Facebook - September 28, 2023
- Okta Breach: Super Admin Hack - September 24, 2023
- Rackspace: $10.8M Cloud Shift - September 23, 2023
An eavesdropping operation by the hacker collective OilAlpha, which is likely connected to the Hussite movement in Yemen, was uncovered by the IS firm Recorded Future. The assaults were directed against nonprofit groups, media outlets, and humanitarian organizations working in the Arabian Peninsula.
Recorded Future claims that in April and May 2022, OilAlpha transmitted corrupt Android files over WhatsApp to journalists and lawmakers. Concurrent with the campaign were talks in Saudi Arabia between Yemeni figures involved in the almost ten-year civil upheaval. SpyNote and SpyMax malware are being installed on mobile devices by the hacking gang using remote access capabilities.
OilAlpha is expected to keep attacking groups in Yemen that are involved in the political crisis there as well as humanitarian and NGO organizations, claims Recorded Future.
The gang has also impersonated the applications of Saudi non-governmental organizations such the Norwegian Refugee Council, the Red Crescent Society, and the United Nations Children’s Fund, according to Recorded Future analysts. All of the organizations work in Yemen to provide humanitarian aid and disaster assistance.
The organization doesn’t do much to conceal its network. OilAlpha mostly makes use of the Public Telecommunication Corporation, a Yemeni company that is likely governed by Hussite authorities. Additionally, the gang utilizes dynamic DNS (DDNS) nearly exclusively, which acts as an additional attribution marker.
The effectiveness of the OilAlpha assaults is yet unknown to specialists. There is insufficient information to definitively say that Yemeni agents are behind the OilAlpha campaign or that other hacking groups in the area are to blame, hence Recorded Future cannot definitively link OilAlpha to the Husi movement.