Syrian Government Targeting Activists' Computers Via Skype
- 2013 Social Media Analytics Best-Practices
- CTO to CTO: Scott Davies, VMware, and Jim Davies, Mitel, Give Voice to the Virtual Desktop
White PapersMore >>
The company received a hard drive image of the infected computer and analyzed it. What they found was not especially sophisticated or even unusual. It was a commercially available remote control trojan program named "Xtreme RAT". See an image of the site below:
The victim of the attack had received a Skype message from another anti-government activist who had already been arrested. Combine that with the fact that the remote control program reports to an IP address owned by "Syrian Arab Republic STE (Syrian Telecommunications Establishment)" and it's a good bet that the Skype message actually came from the government.
The nature of the attack verifies earlier reporting by CNN that a general campaign of spyware and identity theft had been launched against anti-government activists.
Follow Larry Seltzer and BYTE on Twitter, Facebook, LinkedIn, and Google+: