Devastating malware that lets criminals hack into banking accounts, steal data, and spy on computer users is suspected of being linked to terrorist group Hamas‘ cyberwarfare division.
The so-called “Remote Administration Tool,” or RAT, is called Escanor and first surfaced on the Dark Web in January. It can infect computers through Microsoft Office documents, according to Resecurity, which protects Fortune 500 companies. Computers have reportedly been infected in the U.S., Canada, the United Arab Emirates, Saudi Arabia, Kuwait, Bahrain, Egypt, Mexico, Singapore, and Israel.
“The tool can be used to collect GPS coordinates of the victim, monitor key strokes, activate hidden cameras, and browse files on the remote mobile devices to steal data,” Resecurity warned.
The domain name behind the dangerous tool, “escanor[.]live,” may be linked to Molerats and APT-C-23, two units of the Hamas cyberwarfare division. Security Affairs reported that APT-C-23 is “known in particular to target Israeli military assets,” and that Molerats, which has been linked to Hamas, has been active for over a decade.
Read more: Daily Wire