Here's how hackers faked out Syrian rebels by pretending to be hot girls on Skype
A report by US security company FireEye reveals that hackers affiliated with the Assad regime deliberately targeted Syrian rebels by pretending to be attractive women online, Gizmodo reports.
Once a target was identified, the rebels would be approached by a "woman" on Skype, and the pair would get talking. At some point, the attacker would ask what operating system or platform the rebel was using, so the attack be targeted more accurately. The two would then share "photos." However, the attacker's fake photo would be loaded with malware that would infect the target's device upon opening.
The accounts often had corresponding fake Facebook profiles. Here's two examples from FireEye's report:
The hackers have had numerous successes with the attack strategy. At the end of 2013, they were able to withdraw more than 7 gigabytes of data after gaining access via the "catfish" method. This includes details of military hardware, political strategies and manifestos, humanitarian financing documents, and lists of casualties from the conflict.
Here's an example chatlog:
It's indicative of how warfare is changing in the digital age and how important "cyber" capabilities can be.
"Cyber espionage is traditionally understood as a method aimed at achieving an information edge or a strategic goal," FireEye writes. "However, our research on malware activity related to the ongoing conflict in Syria indicates that such operations can provide actionable military intelligence for an immediate battlefield advantage."