A new virus is in circulation and this time it is again targeting the Middle-East countries. Interesting enough last month the Middle east was (still might be) plagued with Shamoon 2.0, the deadly virus that made its comeback from the dead.

This new campaign is dubbed as the “Magic.Hound” by the Palo-Alto Networks research. It is interesting to note that within such a short time span of time this is the second time the middle east is targeted. And this attack like the previous Shamoon 2.0 attack is not only limited to the Government sector but Private Corporations are in the cross-hairs as well. According to a report, Middle-east has spent 5.2 Billion AED (United Arab Emirates Dirham) alone last year to prevent and counter cyber crime but the statics tells us a different story:

  • 49% online users feel it is more difficult to stay safe online than physical world.
  • 59% users are hesitant to use their credit cards when connected to public wifi-hotspots
  • 55% users feel that unauthorized access from home network is more likely than a physical breach in their homes.

Now one such reason why users feel the above is because of the unsecure habits that the people follow, Corporate and Non-corporate users alike follow some the mentioned habits that make them a very desirable target for an attacker to attack:

  • Three in ten (30 percent) UAE consumers cannot detect a phishing attack, and another nine percent have to guess between a real message and a phishing email, meaning nearly four in 10 UAE users are vulnerable.
  • Nearly one-third UAE users (31 percent) share their passwords with others, (31 percent) fail to see the danger of using the same passwords across multiple accounts.
  • Almost 23 percent of UAE consumers are willing to access public Wi-Fi rather than go without.
  • One in five (21 percent) of people have at least one unprotected device, leaving their other devices vulnerable to ransomware, malicious websites, zero days and phishing attacks.

The new virus which is spreading in the Middle-East takes advantages of the above mentioned facts.

  • We analyzed nearly a dozen of samples which were such “traps” to UAE consumers.
  • Upon analysis we found that for the malicious sample spread through office documents, using the macros feature.
  • The following analysis is obtained from the Office files such as Word Documents and Excel Sheets.
  • Now the images below are some samples of classic phishing attacks which are used to target users.