Snapshots for spy conversations sent by the hacking group to some of its victims (Aden Hurah)
19-05-2023 at 6 PM Aden Time
South24 (Aden)
A likely Pro-Houthi hacking group, known as "Oil Alpha" targeted Yemeni individuals, media platforms, and non-profit humanitarian organizations in the Arabian Peninsula via "WhatsApp" as part of a digital espionage campaign, “Record Future”, a company specializing in cybersecurity, disclosed.
According to an extended report published by the company Tuesday, Oil Alpha's operations "reportedly included targeting persons attending Saudi Arabian government-led negotiations; coupled with the use of spoofed Android applications mimicking entities tied to the Saudi Arabian government, and a UAE humanitarian organization".
Moreover, the hacking group forged documents that spoofed the name of the Security Belt Forces affiliated with the STC in Aden. "South24 Center '' noticed that these documents included decisions attributed to Mohsen Al-Wali, the Commander of the aforementioned forces. They aimed at inciting against the new-formed PLC. These messages were attached along with a spy Android application that spoofed the name of an organization.
"Record Future" believes that the hacking group, Oil Alpha", supports the Houthi agenda. It said that the group "relied on infrastructure associated with the Public Telecommunication Corporation (PTC), a Yemeni government-owned enterprise reported to be under the direct control of the Houthi authorities". It added that all dynamic "DNS" domains were assigned to "IP" addresses belonging to the Yemeni Public Telecommunication Corporation.