Trend Micro researchers have managed to get their hands on the malware that caused the Israeli Police Department to pull all of its systems offline last Thursday, and the analysis revealed that it's a so-called Remote Access Trojan (RAT).

According to The Times of Israel, investigation into the matter revealed that police servers and computers may have been compromised almost a week age before the presence of the malware was first discovered.

The attack was not sophisticated - the malware was delivered via an email titled "IDF strikes militants in Gaza Strip following rocket barrage" and sent from the bennygantz59@gmail.com email address.


Obviously, some of the recipients were fooled into believing that the email was sent by Benny Gantz, the current Chief of General Staff of the Israel Defense Forces, and have downloaded and opened the attached Report & Photos.rar file.

The file was an Xtreme RAT, able to receive commands from remote attackers and to make screenshots, record audio and steal information from the compromised systems. It is also Windows 8 compatible.

The Israeli police is said to have banned employees from using outside media (USBs, portable discs, etc.) on police systems from now on, but will surely also have to institute some security awareness training for them.

Needless to say, it is still unknown who initiated the attack, but speculations about it being orchestrated by Iranian state-sponsored hackers abound.