Bahrain Mirror: Bahrain Watch announced on Sunday (October 18, 2015) it identified a very recent targeted digital attack by an anonymous group on a number of Bahraini Activists living outside Bahrain.

"Targets have received emails that contain malicious spyware that downloads a spy tool known as H-worm," said Bahrain Watch.

"And the servers used for this attack appear to be based in Palestine," it added.

Bahrain Watch further stated that it still hasn't' discovered additional details that might lead them to revealing the identity of the hacker.

It warned that the hacker sent a number of emails "from abdok86@gmail.com and subject: Important Information, Please Read."

"The email contains two attachments: Document29-9-2015-copy.gz and Document29-9-2015.gz. The .gz files in the attachment contain a .vbs file: Document29-9-2015.vbs," Bahrain Watch added.

"The .gz files in the attachment contain a .vbs file. which downloads a bait document and another .vbs file from a file hosting site. When the spy program self-executes, it reports back some system information: OS version, PC name, which antivirus you have, and it can accept additional spyware. This allows the hacker to infect you based on the information it posts back. The hackers Skype ID is iman.jard. And the servers used for this attack appear to be based in Palestine," it explained.

"The email contains a url link, when you click it, will take you to another page similar to a Google page asking you to input your username and password," Bahrain Watch added, stressing that it is a fake email claiming to be from Google team to steal the target's documents and passwords.

Arabic Issue: