Names | Cyber fighters of Izz Ad-Din Al Qassam (self given) Qassam Cyber Fighters (self given) QCF (self given) Fraternal Jackal (CrowdStrike) | |
Country | Iran | |
Sponsor | State-sponsored | |
Motivation | Sabotage and destruction | |
First seen | 2012 | |
Description | (MEMRI) On September 18, 2012, the Qassam Cyber Fighters (QCF) posted its first message, in both English and Arabic, on its Pastebin page; the message warned the world that it was now targeting U.S. banks for hacking attacks, and would do so in the future as well. Since its emergence, the group has vowed to continue to carry out cyber attacks against Western targets until YouTube removes the anti-Muslim video 'Innocence of Muslims,' stating in its first communiqué: 'All the Muslim youths who are active in the Cyber world will attack to American and Zionist bases as much as needed such that they say that they are sorry about that insult.' Since the September 18, 2012 message, in which it announced that it was planning to attack the Bank of America and New York Stock Exchange on that date, it has been widely speculated that the group's origins are in fact Iranian. Western media sources, as well as analysts who have studied the QCF, have stated that it is actually an Iranian front. Cyber security analyst Dancho Danchev performed the most authoritative open-source intelligence (OSINT) analysis on the issue of the group's links to Iran, aimed at exposing one of the individuals in the group, while former Senator Joseph I. Lieberman told C-Span that he believed that Iran's government was sponsoring the group's attacks on U.S. banks in retaliation for Western economic sanctions. Additionally, The New York Times quoted unnamed U.S. intelligence officials stating that the 'group is a convenient cover for Iran.' The QCF claims to have attacked Bank of America, the New York Stock Exchange, Capital One Financial Corp, SunTrust Banks Inc., BB&T, HSBC, JPMorgan Chase & CO, PNC Financial Services, U.S. Bancorp, Citigroup Citibank, Wells Fargo & Company, Ally Financial, Fifth Third Bancorp, Zions Bancorporation, Union Bank, Comerica, Citizens Bank, Umpqua Bank, People's United Bank, University Federal Credit Union, Patelco Credit Union, American Express, KeyCorp, Ameriprise Financial, Citizens Financial, BBVA Compass, UMB Financial Corporation, M&T Bank, Bank of the West, Regions Financial Corp, Euronext, and Synovus Financial Corporation. Recorded Future found a possible overlap with Desert Falcons. | |
Observed | Sectors: Financial. Countries: USA. | |
Tools used | ||
Counter operations | May 2016 | U.S. Accuses 7 Iranians Of Cyberattacks On Banks And Dam <https://www.forbes.com/sites/thomasbrewster/2016/03/24/iran-hackers-charged-bank-ddos-attacks-banks/> |
Information | <https://www.memri.org/reports/rise-and-fall-qassam-cyber-fighters-arab-hacking-group-or-iranian-cyber-front-review-its> <http://ddanchev.blogspot.com.es/2012/09/dissecting-operation-ababil-osint.html> <https://krebsonsecurity.com/tag/izz-ad-din-al-qassam-cyber-fighters/> <https://en.wikipedia.org/wiki/Operation_Ababil> |
Last change to this card: 29 November 2023
Download this actor card in PDF or JSON format
Previous: Cron
Next: Dark Basin
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |