A Yemeni hacking group is eavesdropping on the phones of military personnel in the Middle East, the latest sign of how surveillance has gone mobile in conflicts across the world, researchers say.

In a report published Tuesday, researchers from the cybersecurity firm Lookout say hackers affiliated with Yemen’s Houthi movement — the militant group that controls of most of the country — have successfully infected surveillance software on phones belonging to more than 450 people in their home country as well as in Saudi Arabia, Egypt, Oman, the United Arab Emirates, Qatar and Turkey.

“It just shows how mobile as a threat really has made it into every conflict on Earth as a cyber target,” said Christoph Hebeisen, the director of security intelligence research at Lookout. “Yemen always seems like a small and not very advanced place, and they don’t have great means, yet they managed to create this kind of cyber weapon.”

The Houthi operation kicked off in 2019 and targets military personnel of interest to the group, Lookout said. It relies on a version of the Dendroid malware that leaked online a decade ago —dubbed GuardZoo —  that can collect data from phones such as photos, documents and files related to marked locations, according to Lookout.

The Houthi movement came to international prominence in 2014 when it launched a military campaign against the then-government, causing its collapse and setting off a subsequent humanitarian crisis. The group is backed by Iran and has spent years fighting a Saudi-backed military force. More recently, the group has carried out crippling attacks on international shipping passing through the Strait of Hormuz in retaliation for Israel’s military campaign in Gaza.

The Houthis have in recent years embraced the use of cyber capabilities. Last year, researchers with Recorded Future observed a hacking group with likely ties to the Houthis carrying out a digital espionage campaign that relied on WhatsApp to send malicious lures to its targets.

The activity described in Tuesday’s report also relied on WhatsApp, in addition to direct browser downloads, to infect its targets, but Lookout said its researchers had not previously observed activity from the group behind the campaign. Of particular interest to the group are maps that might reveal the locations of military assets, said Lookout’s senior security researcher, Alemdar Islamoglu.

“The campaign mostly uses military themes to lure victims, but Lookout researchers also observed that religion and other themes are being used,” the report says, citing examples such as a religious-themed prayer app or military-themed apps.

The post Researchers catch Yemeni hackers spying on Middle East military phones appeared first on CyberScoop.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Security and Human Behavior (SHB) 2024

June 7, 2024 0 Comments 0 tags

This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly. SHB

Read More

Biden Warns Chinese Cars Could Steal US Citizens’ Data

March 1, 2024 0 Comments 0 tags

President Biden warned that connected vehicles built in China could be used to steal sensitive data of US citizens and critical infrastructure

Read More

Biden Executive Order to Bolster US Maritime Cybersecurity

February 21, 2024 0 Comments 0 tags

The White House Executive Order will give new powers to the US Coast Guard to manage cyber threats in ports and issue cybersecurity standards

Read More