12 digital gangs have targeted Egypt since beginning of pandemic: Kaspersky

Kaspersky researchers monitored advanced persistent threats (APTs) in Egypt and prepared 38 investigative reports related to 12 digital gangs that have targeted the country since the beginning of the coronavirus pandemic.

The reports included information on threats and investigations related to digital gangs targeting Egypt, which ranks third among all Middle Eastern countries in the number of reports issued, making it one of the most targeted countries in the region.

Kaspersky found that these gangs primarily target government institutions and diplomatic agencies as well as educational institutions and telecommunications companies in the country.

Other targets include financial institutions, IT companies, healthcare institutions, law firms, and military and defense agencies.

The notorious digital gangs behind the APTs investigated in Egypt included Lazarus, MuddyWater, Zebrocy, StrongPity, and SideCopy.

The research team found that exploitation of public-facing applications, use of valid accounts, and phishing were the most common attack vectors targeting infrastructure in Egypt.

The Lazarus gang, for example, is notorious for conducting targeted phishing campaigns and “watering hole” attacks, in which highly frequented websites are monitored and infected with malware. The MuddyWater Middle Eastern espionage gang targeted government agencies and telecom and oil companies with the aim of extracting information, using hacked accounts to send phishing emails with attachments directed at specific targets.

There is also the Zebrocy Trojan, which is employed in digital espionage campaigns to collect raw data from compromised systems.

The StrongPity gang is responsible for spying campaigns that use “zero-day” attacks, social engineering tricks, and Trojan installers to deliver malware to their victims.

In turn, the SideCopy gang carries out malware attack campaigns targeting various entities for espionage purposes.

Abdelsabour Arous, a security researcher in Kaspersky’s Global Research and Analysis Team, emphasized that threats are becoming more and more complex every day, saying that investigating and reporting on the activity of these digital gangs…