 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: SameCoin| Names | SameCoin | |
| Category | Malware | |
| Type | Wiper | |
| Description | (HarfangLab) Following an X post by IntezerLab about an attack campaign that they dubbed “SameCoin”, we analyzed the samples they discovered and found a few identical variants. The infection vector appears to be an email impersonating the Israeli National Cyber Directorate, which tricks the reader into downloading malicious files which are presented as ‘security patches’. Victims who download and execute linked files are infected with a wiper which, under certain circumstances, could also infect other hosts in the network. We assess that the campaign’s reach was limited, evidenced by the fact that the malware linked in the email was downloaded only a few dozen times. | |
| Information | <https://harfanglab.io/insidethelab/samecoin-malware-hamas/> <https://research.checkpoint.com/2024/hamas-affiliated-threat-actor-expands-to-disruptive-activity/> | |
Last change to this tool card: 26 December 2024
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | WIRTE Group | [Middle East] | 2018-Feb 2024 | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |