Report Says Gaza Hackers Used Pornographic Films to Access Israeli Computers
Palestinian hackers have reportedly joined the ranks of the “national struggle” against Israel, according to a recent report by Trend Micro, a US based cyber security firm.
In the last two years, tech-savvy Palestinians associated with Hamas have stepped up their efforts to steal information from strategically vital companies and organizations, using pornographic films to gain access to sensitive Israeli targets, the report said.
Dubbed “Operation Arid Viper,” the cyber attacks went after Israeli targets through servers operated by Hetzner Online AG, an internet hosting company and data center based in Germany. Though the attacks came from German servers, according to Trend Micro, they were controlled by hackers in the Gaza Strip.
The report said that the attackers had succeeded in infecting computers in the “offices of government, social media networks, an infrastructure provider, a military organization and one academic institution.”
The method was very simple, and according to the report, not very sophisticated. E-mails were sent to employees in the targeted institutions, with various lures to convince the recipients to open the links attached in the e-mails.
Once the user clicked the link, a short pornographic film would start running, without any prior warning to the user. The intent was to embarrass the user, and make it appear as if he was browsing racy films on his own accord, so that he would then be less inclined to report the suspicious e-mail.
As the film played, it would cause a hidden program to run in the background, while in the foreground a program appeared that resembled Skype. This fake program would then establish a connection with a central server and supply it with information from the computer on which it was running, granting the server’s operators access to information on the infected computer. It would give them the freedom of action to choose which materials they wanted to transfer from the computer to the server.
The attacks were sent from fake e-mail addresses, even when they appeared to be real names, like Khalil Samra at Gmail. Other sites that connected to the software were controlled by e-mails that included names like Ahmad Jamal and Mohammad Hashem. When Trend Micro searched through a number of profiles of the individuals connecting to these e-mails, many of them were on social media networks in Gaza, working against Israel and for Hamas.
But all doesn’t end badly here. The “Operation’s” lack of sophistication made it relatively easy for the server’s security monitors to identify the hackers and the information they were stealing long before the hackers were aware. In turn, they blocked their connection to the servers.
However, Trend Micro said that these attacks are indicative of a trend whereby Arab countries or terror organizations are financing Arab “hacktivists” to build a cyber army in order to launch attacks on Western countries, targeting, the heart of a battlefield that the West still cares relatively little about.