VIRUS DEFINITION

Virus Type: Malware / Espionage Tool

What is Desert Falcons?

Desert Falcons is a group of cybermercenaries operating from the Middle East that uses a set of methods to hide and operate its malware. The cybercriminals appear to be highly skilled: in addition to proficient social engineering tricks, they have developed the following from scratch:

  • Malware for computer systems, targeting Windows devices
  • Mobile malware targeting Android devices
  • Infection vectors, including phishing emails, fake websites and fake social networking accounts

Who are the victims of Desert Falcons?

Potential victims were enticed with socio-political news and information, and many succumbed rapidly to malware infection.

The victims targeted include:

  • Military and Government
  • Newspaper, TV/Radio Channels and Top Media Outlets
  • Financial and Trading Institutions
  • Research and Education Institutions
  • Activists and Political Leaders
  • Energy Firms
  • Physical Security Companies

Victims of the Desert Falcons are located mainly in the following countries:

  • Egypt
  • Palestine
  • Israel
  • Jordan

How do I know if I'm infected or not?

The list of indicators of compromise is available on Securelist.com.

How can I protect myself against the Desert Falcons campaign?

Kaspersky Lab products detect and block all variants of the malware used in this campaign:

Trojan.Win32.DesertFalcons
Trojan-Spy.Win32.Agent.cncc
Trojan-Spy.Win32.Agent.ctcr
Trojan-Spy.Win32.Agent.ctcv
Trojan-Spy.Win32.Agent.ctcx
Trojan-Spy.Win32.Agent.cree
Trojan-Spy.Win32.Agent.ctbz
Trojan-Spy.Win32.Agent.comn
Trojan.Win32.Bazon.a
