FruityArmor, also known as Stealth Falcon or Project Raven, is a threat actor linked to the United Arab Emirates (UAE) according to MITRE. Active since 2012, this group has been associated with cyberespionage activities targeting political activists, journalists, and dissidents primarily in the Middle East region. The cybersecurity industry identifies these entities using various naming conventions, with FruityArmor being one such example.
On September 25, 2023, new cyberespionage attacks were reported, launched by the Stealth Falcon operation utilizing a novel sophisticated malware called Deadglyph. This backdoor malware is directly attributed to the Stealth Falcon Advanced Persistent Threat (APT), reinforcing its reputation as a state-sponsored hacking group from the UAE. Details about this new backdoor have been reported by SC Magazine and The Hacker News, highlighting the continuous evolution of the threat landscape.
ESET, a leading cybersecurity company, has confirmed the attribution of these recent attacks to the Stealth Falcon group. The use of the Deadglyph malware in these attacks demonstrates the group's ongoing commitment to developing advanced tools for conducting cyberespionage. As this situation continues to evolve, it underscores the importance of maintaining robust cybersecurity measures and staying informed about emerging threats.
Description last updated: 2023-11-29T04:24:19.174Z