APT C-23 also known as AridViper and Desert Falcon has resurfaced with a malicious documents targeting victims about the sensitivity of the never ending conflict between Israel and Palestine. The group’s discovery came around March 2017 with their main targets emerged as Middle East. The group has previously faked an android app to deploy Android/SpyC23.A mainly for spying, including reading notifications from messaging apps, call recording and screen recording, and with new stealth features, such as dismissing notifications from built-in Android security apps. In this instance, the group has dropped a malicious document to confuse the victim about a malicious document relating to CIA, Hamas is shown to confuse the victim and meanwhile RAT is executed to perform remote control.
Gain control of victim’s system