Sysjoker

Malware updated 2 months ago (2024-08-14T09:47:45.297Z)
SysJoker is malicious software (malware) that has been used in cyber attacks targeting Israeli systems. This malware, developed in the Rust programming language, is capable of exploiting and damaging computer systems without the user's knowledge. It can infiltrate these systems via suspicious downloads, emails, or websites, and once inside, it has the potential to steal personal information, disrupt operations, or even hold data hostage for ransom.

An Advanced Persistent Threat (APT) group linked with Hamas, the Palestinian militant organization, has been identified as the entity deploying this backdoor malware against Israel. The use of SysJoker by this APT demonstrates a sophisticated level of cyber warfare, indicating their capability to develop and deploy advanced malware to further their objectives. The Rust-based nature of SysJoker makes it particularly potent, as this programming language is known for its performance and safety, especially in terms of memory management.

In a recent development, the Hamas-linked APT group has revived the use of SysJoker, leveraging Microsoft's OneDrive cloud storage service to distribute the malware. This method of distribution suggests a higher level of ingenuity and adaptability on the part of the attackers, who use commonly trusted platforms to bypass security measures. Consequently, this poses a significant threat to cybersecurity, requiring continuous vigilance and robust security protocols to counter such evolving threats.
Description last updated: 2024-08-14T08:50:16.071Z
Aliases
We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Malware
APT
Windows
Encryption
Rust
Operation El...
Hamas
macOS
Linux
Associated Threat Actors
Alias: Gaza Cybergang
Description: The Gaza Cybergang Threat Actor is associated with Sysjoker. The Gaza Cybergang is a threat actor that has been active since at least 2012, primarily targeting the Middle East and North Africa. The group is known for its intelligence collection and espionage campaigns against Palestinian and Israeli victims. It consists of three main subgroups: Group 1 (Moler...
Association Type: has used
Votes: 4

Alias: Operation Electric Powder
Description: The Operation Electric Powder Threat Actor is associated with Sysjoker. Operation Electric Powder is a threat actor operation that was actively involved in targeted attacks against Israeli organizations between 2016-2017. This operation, as previously reported by ClearSky, has been linked to the threat actor known as Gaza Cybergang, also referred to as Molerats. The cyb...
Association Type: Unspecified
Votes: 3

Alias: Molerats
Description: The Molerats Threat Actor is associated with Sysjoker. Molerats, also known as Gaza Cybergang Group1, is a threat actor linked to Hamas that has been active for over a decade. This low-budget group has been tracked by researchers under various names including Molerats, Gaza Cybergang, Frankenstein, WIRTE, and Proofpoint’s TA402 designation. Among 16 Adv...
Association Type: Unspecified
Votes: 2