This report is an analysis of the Desert Falcons targeted attack against targets in the United States. The report is classified as TLP: White and is intended for inquiries to be directed to intelreports@kaspersky.com. The report provides an executive summary, introduction, operation goals and victim profiles, operation analysis, and an overview of the Desert Falcons' main Trojan and other tools used in the attack. The report highlights the use of social networking tricks, fake RealPlayer plugin trick, and right-to-left extension override trick to deceive and infect targets. The report also discusses the infiltration and spy aspect of the attack, including the use of DHS spyware and mobile backdoor traces. Overall, the report provides a comprehensive analysis of the Desert Falcons targeted attack and the tools and techniques used by the attackers.
