Operation HamsaUpdate: A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk [Thursday, December 21, 2023]

Operation HamsaUpdate: A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk [Thursday, December 21, 2023]
Report

Operation HamsaUpdate: A Sophisticated Campaign Delivering Wipers Puts Israeli Infrastructure at Risk

Description :
On December 19th, the Israel National Cyber Directorate released an urgent alert warning regarding a phishing campaign actively targeting Israeli customers using F5’s network devices. Intezer has labeled this campaign Operation HamsaUpdate. It features the deployment of a newly developed wiper malware that targets both Windows and Linux servers. The campaign leverages a convincingly written email in Hebrew and utilizes sophisticated social engineering techniques, pressuring victims to execute the harmful code residing on their servers. The final attack delivers a complex, multi-stage loader or a destructive wiper, each variant customized for either Linux or Windows environments.

Published Created Modified
2023-12-21 12:36:58 2023-12-21 12:36:58 2023-12-21 13:04:12

Tags

Indicators

IPv4s :
  • 31.192.237.207
Hashes :
  • 64c5fd791ee369082273b685f724d5916bd4cad756750a5fe953c4005bb5428c
  • 336167b8c5cfc5cd330502e7aa515cc133656e12cbedb4b41ebbf847347b2767
  • fe07dca68f288a4f6d7cbd34d79bb70bc309635876298d4fde33c25277e30bd2
  • aae989743dddc84adef90622c657e45e23386488fa79d7fe7cf0863043b8acd4
  • e28085e8d64bb737721b1a1d494f177e571c47aab7c9507dba38253f6183af35
  • 6f79c0e0e1aab63c3aba0b781e0e46c95b5798b2d4f7b6ecac474b5c40b840ad
  • ad66251d9e8792cf4963b0c97f7ab44c8b68101e36b79abc501bee1807166e8a
  • ca9bf13897af109cb354f2629c10803966eb757ee4b2e468abc04e7681d0d74a
  • 5d741f9af9da7ce79132daa37a200afed1cb0c28e47de35d127113d69cbab13d
  • 454e6d3782f23455875a5db64e1a8cd8eb743400d8c6dadb1cd8fd2ffc2f9567
  • f58d3a4b2f3f7f10815c24586fae91964eeed830369e7e0701b43895b0cefbd3

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.