What you need to know
- The Microsoft Threat Intelligence Center (MSTIC) has uncovered a new threat.
- The threat is DevilsTongue malware produced by an Israeli private-sector offensive actor.
- The offensive actor has been dubbed SOURGUM.
As shared by the Microsoft Security Intelligence Twitter account, the Microsoft Threat Intelligence Center (MSTIC) has uncovered a new danger facing denizens of the web: SOURGUM and DevilsTongue.
SOURGUM is MSTIC's name for the Israel-based private-sector offensive actor it has uncovered. SOURGUM's malware has been going after people worldwide, including human rights activists, journalists, politicians, and academics. Microsoft has issued protections against the malware strains, including a Windows software update. MSTIC's report states that if Windows users have the July 2021 security update, they are protected.
Of the more than 100 victims Microsoft has identified, half were detected in the Palestinian Authority. To give context to this finding and the actions of SOURGUM, Microsoft explains what the actor's private-sector game might be.
"Private-sector offensive actors are private companies that manufacture and sell cyberweapons in hacking-as-a-service packages, often to government agencies around the world, to hack into their targets' computers, phones, network infrastructure, and other devices," MSTIC's report says. "With these hacking packages, usually the government agencies choose the targets and run the actual operations themselves."
Given that MSTIC has described SOURGUM as Israel-based and half the known targets of its malware are Palestine-based, there may be a political link of some sort, which is hinted at by the report.
To get an in-depth breakdown of SOURGUM's malware, head over to Microsoft's security blog where MSTIC analyzes the ins and outs of DevilsTongue in great detail. Everyone who's not a security enthusiast and doesn't want to read about PDB paths and encrypted strings can simply follow along with the latest news from Microsoft and hope the July updates do their job, given that DevilsTongue still hasn't been completely analyzed and understood.
Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395.
The link is plain as sunlight and that's all I'm sayin.