News

Attackers use voice changing software to deceive their victims

Specialists of the information security company Cado Security discovered that hackers from the Molerats group (aka Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal and Moonlight) use voice-changing software to deceive their victims: they change a male voice to a female one.

The Molerats group has been active since at least 2012 and mainly attacks organizations in the Middle East. The hack group APT-C-23, which is believed to be part of Molerats, usually uses social engineering to force its victims to install malware.

So, earlier researchers have already observed that hackers impersonate women and get acquainted with the soldiers of the Israel Defence Forces on social networks. At the same time, experts know for sure that all members of the group are men.

This time, the participants in APT-C-23 went even further. A phishing campaign targeting politicians, discovered by researchers, was based on the fact that attackers used special software to change the voice to impersonate women, and then “involved the victims in conversations.” When social engineering worked, hackers tricked users into installing malware.

“Other analysts have reported on manipulated images being used to enable misinformation in the wider Israeli-Palestinian Conflict. And there have been previous reports of fraudsters using DeepFake audio impersonations. But this is the first time we’re aware of evidence, albeit indirect, of attackers using voice changing software to enable espionage”, — Cado Security specialists told.

When analyzing a publicly available server related to the group, Cado Security researchers found an archive containing photos from the Instagram model’s account, as well as an installer for the Morph Vox Pro voice changer.

On the same server, experts found various tools used in the attacks: an application for mass mailing of phishing emails, an application for hacking VoIP systems, a search tool for vulnerable routers, and a folder containing a phishing page for collecting Microsoft data scientists.

Let me remind you that Attackers could exploit the vulnerabilities of Alexa and Google Home to phishing and spying on their users, and also that Hacked Oxford server was used for phishing attacks on Office 365.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove News-bfopeci.info pop-up ads (Virus Removal Guide)

News-bfopeci.info is a domain that tries to force you into subscribing to its browser notifications…

13 hours ago

Remove News-bfugaho.info pop-up ads (Virus Removal Guide)

News-bfugaho.info is a site that tries to force you into clik to its browser notifications…

13 hours ago

Remove News-bganise.info pop-up ads (Virus Removal Guide)

News-bganise.info is a domain that tries to trick you into clik to its browser notifications…

13 hours ago

Remove News-xhijupa pop-up ads (Virus Removal Guide)

News-xhijupa.com is a domain that tries to trick you into subscribing to its browser notifications…

13 hours ago

Remove News-xnicini.cc pop-up ads (Virus Removal Guide)

News-xnicini.cc is a domain that tries to trick you into subscribing to its browser notifications…

13 hours ago

Remove News-xpafema.cc pop-up ads (Virus Removal Guide)

News-xpafema.cc is a site that tries to trick you into subscribing to its browser notifications…

13 hours ago