Houthi-Backed Spyware Effort Targets Yemen Aid Workers

Pro-Houthi OilAlpha uses spoofed Android apps to monitor victims across the Arab peninsula working to bring stability to Yemen.

An ongoing spyware campaign is targeting attendees of Saudi government-led negotiations on Yemen, along with humanitarian and reconstruction aid workers working toward Yemeni stability on behalf of the
pro-Houthi movement
.
Insikt Group researchers has been monitoring the activities of threat group OilAlpha since May 2022, which they reported has been using messenger applications like WhatsApp to
social engineer
targets into downloading a malicious Android application. The app comes loaded with remote access Trojans (RATs) like SpyNore and SpyMax, the researchers said.
Tellingly, OilAlpha uses infrastructure that the Insikt Group traced back to the Public Telecommunication Corporation (PTC), a business owned by the government of Yemen, and under the control of Houthi-aligned officials,
the report added
.
The groups operations have reportedly included targeting persons attending Saudi Arabian government-led negotiations; coupled with the use of spoofed Android applications mimicking entities tied to the Saudi Arabian government, and a UAE humanitarian organization (among others), the report said. As of this writing, we suspect that the attackers targeted individuals the Houthis wanted direct access to.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Houthi-Backed Spyware Effort Targets Yemen Aid Workers