Syrian Dissidents Hit By Another Wave of Targeted State-Sponsored Attacks

Trailrunner7 writes "One of the attackers who has been targeting Syrian anti-government activists with malware and surveillance tools has returned and upped the ante with the use of the BlackShades RAT, a remote-access tool that gives him the ability to spy on victims machines through keylogging and screenshots. The original attacks against Syrian activists, who are working against the government's months-long violent crackdown, were using another RAT known as Xtreme RAT, with similar capabilities. That malware was being spread through a couple of different targeted attacks, including one in which activists were directed to YouTube videos and their account credentials were then stolen when they logged in to leave comments. That attack continued with the installation of the RAT, giving the attacker surreptitious access to the victims' machines, enabling him to monitor their activities online. Now, researchers say that at least one attacker who is known to be involved in these targeted attacks also is using the BlackShades RAT in a new set of attacks."

IT'S OKAY !! RUSSIA AND CHINA SAY SO !!

[Anonymous Coward]

So relax, take it easy !!

How come there's no such hacker in Libya ?

[Taco Cowboy]

Looks like the Syrian government is much more technically advanced than the one ran by the late Colonel Gaddafi in Libya

Can't they

[Threni]

burn the Tails TOR distro to cd so it's read only. And do basic, common sense stuff like using disposable accounts to post publicly (signing content so people can trust the authenticity of the posts)?

Youtube?

[girlintraining]

I have to question the accuracy of this submission; If they're directed to YouTube and that is the source of the drive-by infection, then that means that everyone who uses YouTube globally would be vulnerable to this, not just Syrian dissidents. It would also require the cooperation of Google; Which in turn means this is tandamount to an admission that the US government is helping Syria track down it's political dissidents. Historically, we have invested a lot of intelligence resources to help those disside

Re:Youtube?

[idontgno]

Proxying plus script injection could accomplish this effect without Google's complicity or any type of site spoofing.

where are you Anonymous?

[circletimessquare]

Do some good. Load those low orbit ion cannons, ddos the Syrian Govt's capacity.

Re:

[Mashiki]

AHahaha...yeah the script kiddies. Oh sure. Yep they're out doing good stuff again. So anyway, I mean the rebels are out doing things like trying to get reporters killed too [channel4.com]. But hey, whatever. Pallywood everywhere!

Re:

[Mashiki]

We all know Israel just want to keep those dictators so it sent out her idiots to spread propaganda. ....

That makes even less sense than what you usually see from the average Israel hater. So let me see if I get this straight, Israel, and in turn Jews, the most prosecuted religious and ethnic group that we've seen in the last 2000 years, has a vested interest in...oppressing themselves? Okay there. That's why in every defensive war they've ever fought, they've given up more than what they've gained in order to secure peace.

Yeah, just a few bricks short of a full load there.

Re:

[Psyborgue]

So Israel, is supporing Assad you say? An ally of Iran and a state supporter of terrorist attacks against Israel (Hezbollah, among others)? Seems to be Israel has no reason at all to support Assad. Sure the rebels might exactly be friendly either, but they can hardly be worse. No matter who is in power, weapons are going to get smuggled into Lebanon. Sunni may not like Shiite, but they both hate the Jews and are willing to cooperate when convenient. Iran supplies and funds Hamas and other Sunni groups

Re:

[Dan541]

Oh yea, a bunch of foul mouth teenager with cmd.exe ping are going to save the day.

O RLY?

[Anonymous Coward]

If you still believe in Syrian "dissidents", watch this.
https://www.youtube.com/watch?v=cGYTM9-DSEI#t=36m02s

Re:

[Anonymous Coward]

it's getting to the point where you can predict the argument before even clicking the link

No, it has got to the point when lots of people are completely zombified by Western propaganda and are unwilling to even hear anything that contradicts it. And you are the perfect example.

Re:

[Anonymous Coward]

I think it's more like people like you are sick of Western propaganda and are willing to embrace anything that contradicts it, including greater falsehoods.

Re:

[Em Adespoton]

I'm going to point out that this entire article is about luring people to view Youtube videos in an attempt to load a RAT onto their PC... Just saying.

Re:

[Psyborgue]

The fuck are you on about? Assad supports Hezbollah and is an ally to Iran. Why on earth would Israel support Syria. If you want to know who IS supporting Syria, look to Iran, China, and Russia, and the latter two only because of oil from and weapons sales to Syria and Iran. It's in Israel's interests to back the rebels if anybody, but won't do so publicly because in the Arab world, if a Jew is on your side, you lose all credibility. As much has been said by the current administration in Israel. The r

Re:

[Dunbal]

Yah I love the part where he tries to drag "building 7" into it.

Why should I believe you?

[Anonymous Coward]

This is a propaganda war as much as anything, and I don't have any evidence to believe either side.

Perhaps the Syrian government is not installing this software. Perhaps the activists are installing it to make the Syrian government look bad.

I have only an absence of evidence (impartially gathered and analysed), and that means I should believe no-one's conclusions.

Re:

[Anonymous Coward]

man, we missed you in threads about OWS. you could have accused protesters of dressing up as police and pepper spraying their friends. where were you?

Re:Why should I believe you?

[artor3]

Read the English-language Al Jazeera [aljazeera.com]. They are a fantastic source for whenever you are worried that your views on the Middle East are being colored by Western propaganda.

Re:

[ThatsNotPudding]

Read the English-language Al Jazeera [aljazeera.com]. They are a fantastic source for whenever you are worried that your views on the Middle East are being colored by Western propaganda.

When you need to have your spectrum re-tinted by Middle Eastern propaganda. Everyone has an agenda.

Re:

[flyingsquid]

This is a propaganda war as much as anything, and I don't have any evidence to believe either side.

Comments like this really, really piss me off. The thing is, you *do* have information, or rather, you have information if you want it. You have what the Syrian people do not have- free access to the internet- which means that you can go to Google News, type in something like "Syria Internet Surveillance" and in a second have all the information you want, and then think critically about what it all means. There are lots of articles about Syria spying on its citizens, there are dozens of articles about Weste

An oppressive government

[nurb432]

oppresses its citizens..

news at *yawn* 6...

Re:

[WorBlux]

Somalia wasn't a failed state, it was a failure to create 8 states. It's a very tribal culture, and each tribe should just be recognized individually, imperial sensibilities be damned.

Re:

[Em Adespoton]

Where were you during the debate about switching from standard transmission to automatic took place?

Re:

[Johann Lau]

The fuck? What does that have to do with anything?

Who are the good guys?

[Anonymous Coward]

Do we have any way to really know for sure that the Syrian government are the bad guys here?
Why should we assume that the "dissidents" are preferable?

Re:

[Alex Belits]

Because they work for CIA, the good guys!

Re:

[Em Adespoton]

Do there have to be good guys? Can't all sides be bad?

Re:

[Anonymous Coward]

Do we have any way to really know for sure that the Syrian government are the bad guys here? Why should we assume that the "dissidents" are preferable?

I guess the fact that a gov. is butchering their citizens makes them a bad guy. But, hey, I am guessing that you are with Iran, Russia, China, or North Korea?

Re:

[Anonymous Coward]

This is a fantastic question, and indeed, the first question that ought to be asked in any discussion about Syria.

First of all, the idea that a revolution in a Muslim country would be anything even close to the Velvet revolution in Czechoslovakia (which resulted in Czech & Slovakia amicably separating) is one of the most inane assumptions anyone could make of Muslims. In Tunisia, where the Arab Spring started, this [adnkronos.com] is [ansamed.info] what [ansamed.info] is [ansamed.info] going [alarabiya.net] on [ansamed.info] today [eurasiareview.com] - from a country that was always assumed to be very Westerni

One way to avoid this

[techno-vampire]

I took a look at TFA, and saw exactly what I expected: the malware is specifically designed to attack computers running Windows. Now, I'll admit that that's reasonable, considering how big Microsoft's market share is, but it does lead to an interesting suggestion: get the dissidents to move to Linux, at least as dual-boot, and only use Linux for their political activities. Not because Linux is immune to malware, but because it's immune to the specific malware they need to be concerned about. And, if they

Re:

[unixisc]

Except that the people of Syria don't speak Farsi - not even the Shia or Alawites. Although there may be Arabic localization in some of the lead distros.

Re:

[techno-vampire]

Yeah, I kinda figured that. However, the distro does come with the appropriate fonts by default, and the maintainers would probably see nothing wrong with adding an Arabic spin. The important thing, IMO, is getting them away from using a vulnerable OS for their political activities.

Re:

[couchslug]

Citations needed.

Targeted __WINDOWS__ attacks.

[couchslug]

Yes, it matters.

Even the US military "gets" that Windows machines at home aren't at all secure and offers this nifty distro. Free download, and if you are USian your taxes were actually spent well for a change:

http://www.spi.dod.mil/lipose.htm [dod.mil]