As the conflict continues on the ground in Syria, despite the introduction of a ceasefire on April 12 and efforts from the international community to put an end to the violence, on the internet Syrian activists are also targeted.
In Syria, the revolution is both happening on the ground and on the internet with activists and citizen journalists providing footage and photos from the front to mainstream media.
Since the beginning of the year, Syrian activists have been targeted many times including through the use of Trojans, which install spying software on their computer, but also through the use of fishing attacks which steal activists’ Youtube and Facebook login details.
The cyber-war against Syrian activists has now reached another level.
TrendMicro, a Malware Blog discovered last week the existence of a website which purports to provide encryption for Skype. It turned out the software offered was actually a Trojan that installed DarkComet 3.3. According to the Electronic Frontier Foundation (EFF), DarkComet 3.3 enables the attacker to “capture webcam activity, disable notification setting for certain antivirus program, steal passwords and more.”
This week the EFF discovered a similar website. However unlike the version found by TrendMicro, this one is not detectable by some anti-virus software.
EFF warned Syrian Internet users against these types of softwares and asked them to be “careful about downloading applications from unfamiliar websites”.