Skip to main content

Pro-Assad hackers are catfishing Syrian rebel forces

Pro-Assad hackers are catfishing Syrian rebel forces

Share this story

Pro-Assad forces have broken out a surprising new weapon in the Syrian civil war: catfishing. A new report from the security firm FireEye details an ongoing intelligence-gathering operation that targeted Syrian rebel forces in the months after November of 2013. While the situation was unusual, the tactics should be familiar to anyone who's spent time on the web. Targets were contacted by an unknown woman who claimed to be offering support to the rebel cause, using information and photos lifted from social media sites. After enough conversation, she would send pictures laced with malware, planting a remote-access trojan on the victim's computer or phone. The campaign collected hundreds of documents and more than 31,000 Skype conversations, many of which detailed the rebel strategies for retaking the town of Khirbet Ghazaleh.

A Skype conversation from the FireEye report.

It's unclear how much of a strategic impact the campaign had, but it's a reminder that many of the social channels utilized by opposition groups are vulnerable to digital attack. In this case, pro-government forces didn't even need sophisticated tools to break in, relying instead on old-fashioned social engineering tactics. Media activists and humanitarian aid workers were also reportedly targeted in the campaign, revealing sensitive data about human rights investigations and refugee placement. Activists have also faced difficulty communicating through Facebook, as many opposition pages have been shut down over claims of graphic or inappropriate content.