ISIS is using not only brute force to strike terror, but it is also reportedly using malware to find its targets online.
According to The Citizen Lab, a Syrian group called the Raqqah is being Slaughtered Silently (RSS) was targeted online via a malware delivered through a seemingly harmless email.
The RSS documents all the human rights violations done by ISIS in the Ar-Raqah city, said Seth Hardy and John Scott-Railton in a The Citizen Lab report. The terrorist group was reported to have conducted kidnappings, alleged assassinations and house raids that targeted the Syrian media group. In addition, it was threating RSS online, saying that they were already spying on them.
In the report, it was found that the alleged ISIS malware focused solely on RSS, which is one of its active targets, leaving the authors to believe the terrorist group is the source of the email.
According to the authors of the report, the email contained a download link, which downloaded a "decoy file" named slideshow.zip. Once opened, the alleged ISIS malware sent the computer's IP address its creator. The email was sent in late November from a Gmail account.
It does not stop there. The alleged ISIS malware, if not removed, will send the IP address and additional details about the infected system every time the computer reboots.
The report said that the alleged ISIS malware did not contain "remote access Trojan (RAT) functionality," which gives the hacker capability to gain control of the infected computer, but the alleged ISIS malware is believed to be only for "locating a target."
If the terrorist group is behind the malware, the terrorist group can use the IP addresses to pinpoint a location to directly attack.
According to The Register news site, the alleged ISIS malware could have been developed by Junaid Hussain, a British hacker who is now believed to be working in ISIS territory.