Tracking the Development of SysJoker: A Cross-Platform Backdoor Used in Attacks Against Israel
Check Point Research has discovered a new variant of the SysJoker backdoor malware, believed to be used by a Hamas-linked hacker group to target Israel. This blog post discusses the changes in SysJoker, including the shift to OneDrive for storing command and control server URLs, and the use of random sleep intervals as an anti-analysis measure. The post also highlights the connection between SysJoker and Operation Electric Powder, a series of targeted attacks against Israeli organizations. It emphasizes the importance of robust security measures to protect against evolving cyberattacks like SysJoker.