Secours Rouge: Large Scale Propaganda Campaign Against Kurdish Websites
We share an unofficial translation of the article by Secours Rouge.
An investigation done by Cybersecurity specialists who work for Sekoia.IO company showed that at least 25 Kurdish websites were victims of four different malicious scripts. The simpler obtains the location of the device, the most complex one tricked selected users to install a malicious Android application. The researchers can not get to know who is behind this attacks. On the Kurdish side, they point out the Turkish State, which has a troll army that works to hack Kurdish information sites.
At the beginning of this year, the research and detection of threats by Sekoia was started after recognizing a suspicious script in one Kurdish website that had tricked the users to access to their cameras and share their location. In the absence of sophisticated technics, the campaign stood out for its scale and duration before being noticed. The first signs of problems were noticed in 2022.
This campaign in particular does not match any known TTP (Tactics, technics and procedures) associated to previous attacks in the region. This suggests the raising of a group of activities previously unknown conducted against the Kurdish community.