The Operation Arid Viper campaign has successfully stolen more than 1 million files with current malware campaigns underway, though it's not the usual suspects, according to Kaspersky Lab and Trend Micro.
The Arab-speaking group, with ties to Gaza, have targeted foreign government offices, critical infrastructure, military, universities, and other high-profile targets. The attacks likely occurred starting in mid-2013 and a full investigation into their actions is underway.
"Whoever the real culprits are, it is clear that they are part of the Arab world, evidence of a budding generation of Arab hackers and malware creators intent on taking down their chosen adversaries," researchers said in a study. "Some of the black hats - be they mercenaries or cybersoldiers - are actively targeting countries such as Israel due to political motivations. We have seen all of the ingredients of a cyberskirmish guerrilla war that goes unnoticed by mainstream IT security media."
Cyberespionage campaigns between foreign governments is nothing new, but there are an alarming number of rogue groups - some with suspected government backing - aimed at stealing information which help further their own political efforts.