As violence continues on the streets in Syria, cyberattacks against Syrian activists have multiplied and have become increasingly complex over the past several months.
In Syria, the revolution is both happening on the ground and on the internet with activists and citizen journalists providing footage and photos from the front to mainstream media.
Since the beginning of the year, Syrian activists have been targeted many times including through the use of Trojans, which install spying software on their computer, but also through the use of fishing attacks which steal activists’ Youtube and Facebook login details. TrendMicro, a Malware Blog discovered last month the existence of a website purporting to provide encryption for Skype but actually installs DarkComet 3.3, a software that enables the attacker to capture webcam activity, disable notification setting for certain antivirus program, steal passwords and more.
One of the latest cyberattacks, which was discovered by the Electronic Frontier Foundation (EFF), encourages Syrian activists to download a PDF purporting to contain a plan to assist the city of Aleppo. This attack installs a Trojan called DarkComet RAT, which like DarkComet 3.3, enables the attacker to capture webcam activity, disable notification setting for certain antivirus program, record key strokes, and steal passwords.
Over the past few weeks the city of Aleppo has been the scene of large anti-regime protests, which have grown since security forces raided last month the dormitories at Aleppo University, killing four students.
Picture via EFF