A stealthy hacking group named WIRTE has been linked to a government-targeting campaign conducting attacks since at least 2019 using malicious Excel 4.0 macros.
The primary targeting scope includes high-profile public and private entities in the Middle East, but researchers also observed targets in other regions.
Kaspersky analyzed the campaign, toolset, and methods, and concluded with low confidence that WIRTE has pro-Palestinian motives and is suspected to be part of the ‘Gaza Cybergang’.
However, compared to other affiliated hacking groups, WIRTE has better OpSec and more stealthy techniques, and they can avoid detection for long periods.