The article reports on a new cyber campaign targeting the Middle East and North Africa, utilizing a modified version of AsyncRAT malware. Originating in September 2024 and linked to geopolitical tensions, the campaign has reportedly affected around 900 victims predominantly in countries like Libya, Saudi Arabia, and Egypt. Researchers from Positive Technologies identified the threat actor named Desert Dexter, who employs social media platforms like Facebook for malware distribution. The malware incorporates keylogging capabilities and targets cryptocurrency wallets, with a complex installation process involving various scripts.
The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate, indicating its widespread nature.
The activity, attributed to a threat actor dubbed Desert Dexter, was discovered in February 2025. It chiefly involves creating temporary accounts and news channels on Facebook.
Collection
[
|
...
]