| SYMBOL | COMMON_NAME | aka. SYNONYMS |
AridViper is a state-sponsored APT primarily targeting military personnel, journalists, and dissidents in the Middle East, with a focus on Israel and Palestine. The group employs custom-developed mobile malware, including variants like AridSpy, GnatSpy, and Micropsia, often delivered through spear-phishing emails and deceptive applications. Their operations involve sophisticated social engineering tactics, including the use of fake social media profiles and weaponized apps masquerading as legitimate services. AridViper's activities are characterized by a blend of technical sophistication and psychological manipulation, aiming to exfiltrate sensitive data from compromised systems.
| 2023-12-14
⋅
SentinelOne
⋅
Gaza Cybergang | Unified Front Targeting Hamas Opposition BarbWire Micropsia Pierogi AridViper |
| 2023-04-04
⋅
Symantec
⋅
Mantis: New Tooling Used in Attacks Against Palestinian Targets Arid Gopher Micropsia |
| 2022-04-06
⋅
Cybereason
⋅
Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials Barb(ie) Downloader BarbWire |
| 2022-03-22
⋅
The Register
⋅
What does Go-written malware look like? Here's a sample under the microscope Arid Gopher |
| 2022-03-21
⋅
DeepInstinct
⋅
What is Arid Gopher? An Analysis of a New, Never-Before-Seen Malware Variant Arid Gopher AridHelper |
| 2022-02-02
⋅
Cisco
⋅
Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware Micropsia |
| 2021-05-04
⋅
malware4all
⋅
Grab your own copy of Phenakite iOS malware today Phenakite |
| 2021-04-21
⋅
Facebook
⋅
Technical Paper // Taking Action Against Arid Viper Viper RAT Micropsia |
| 2020-09-30
⋅
ESET Research
⋅
APT‑C‑23 group evolves its Android spyware SpyC23 |
| 2020-02-16
⋅
Check Point Research
⋅
Hamas Android Malware On IDF Soldiers-This is How it Happened Unidentified APK 004 |
| 2019-08-15
⋅
Github (jeFF0Falltrades)
⋅
MICROPSIA (APT-C-23) Micropsia |
| 2018-07-08
⋅
Check Point Research
⋅
APT Attack In the Middle East: The Big Bang Micropsia The Big Bang |
| 2018-07-03
⋅
Haaretz
⋅
Hamas Cyber Ops Spied on Hundreds of Israeli Soldiers Using Fake World Cup, Dating Apps GlanceLove |
| 2018-07-03
⋅
ClearSky
⋅
Infrastructure and Samples of Hamas’ Android Malware Targeting Israeli Soldiers GlanceLove |
| 2017-12-18
⋅
Trend Micro
⋅
New GnatSpy Mobile Malware Family Discovered GnatSpy |
| 2017-06-19
⋅
Cisco Talos
⋅
Delphi Used To Score Against Palestine Micropsia AridViper |
| 2017-06-14
⋅
ThreatConnect
⋅
Phantom of the Opaera: New KASPERAGENT Malware Campaign KasperAgent AridViper |
| 2017-04-05
⋅
Palo Alto Networks Unit 42
⋅
Targeted Attacks in the Middle East Using KASPERAGENT and MICROPSIA KasperAgent Micropsia |
| 2017-02-16
⋅
Kaspersky Labs
⋅
Breaking The Weakest Link Of The Strongest Chain GlanceLove |
| 2017-02-16
⋅
Lookout
⋅
ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar Viper RAT AridViper |
| 2017-02-16
⋅
Kaspersky Labs
⋅
Breaking The Weakest Link Of The Strongest Chain Viper RAT AridViper |
| 2017-02-05
⋅
IDF
⋅
Hamas Uses Fake Facebook Profiles to Target Israeli Soldiers GlanceLove |
| 2015-09-18
⋅
Proofpoint
⋅
Operation Arid Viper Slithers Back into View AridViper |
| 2015-02-25
⋅
Trend Micro
⋅
OPERATION ARID VIPER: Bypassing the Iron Dome AridViper |
| 2015-02-19
⋅
Security Affairs
⋅
Arid Viper – Israel entities targeted by malware packaged with sex video AridViper |
| 2015-02-18
⋅
Trend Micro
⋅
Sexually Explicit Material Used as Lures in Recent Cyber Attacks AridViper |
| 2015-02-17
⋅
Kaspersky Labs
⋅
The Desert Falcons targeted attacks AridViper |
| 2015-02-01
⋅
Kaspersky Labs
⋅
The Desert Falcons Targeted Attacks AridViper |