#OpIsrael 2015 has already started, sensitive info leaked

Apr 6, 2015 13:30 GMT  ·  By

Hacker groups part of the Anonymous hacktivist outfit have released log-in credentials allegedly used by citizens from Israel to access email and Facebook accounts, as well as card details also belonging to Israelis.

Anonymous has already threatened Israel with “Electronic Holocaust” because of government involvement in the military conflict in Palestine.

At the beginning of March, the hacktivists released on YouTube a video announcing a new cyber-attack on April 7 against Israel, as it happened in the past years.

The hackers promised to take down servers, government websites, Israeli military websites, banks, and public institutions.

Thousands of usernames and passwords leaked

On Saturday, the hackers from AnonGhost revealed on anonymous paste website Pastebin a database with 53 Facebook credentials (passwords in plaintext).

It is unclear if any of the passwords work, but in some cases, the accounts were locked by the social network due to suspicious activity. In some instances, Facebook returned a message saying that the access password had been changed recently.

The same hackers released another database containing more than 6,000 username and password (plaintext) pairs for email accounts mostly for services based in Israel.

Checking some of the addresses in public databases with emails leaked as a result of data breaches showed that they were collected on April 4, 2015.

The fact that they could not be encountered in breaches occurring at an earlier date suggests that the cache is real and it has not been compiled with data from other public leaks.

Payment card data dumped into the public domain

Another hacker group, calling themselves Anonymous Arabe, dumped online payment card data complete with names, addresses, dates of birth, phone numbers, and type of the card, as well as their number, type, CVV (card verification value) codes and expiration date (valid in most of the cases). Some entries also have email addresses attached.

According to the Pastebin post, there are more than 500 people affected, although this number may not be accurate.

The same hackers released access details for over 6,000 Internet devices claimed to be Israeli modems. A simple check of the IPs showed that the addresses were located in multiple countries, such as Georgia, Lebanon, Germany, France, Republic of Moldova, Netherlands, Finland, UK, Czech Republic, Poland, and Switzerland.

The info is allegedly the result of hacking, but the passwords and usernames disclosed indicate that a search engine for Internet-connected devices, such as Shodan, was used to discover routers with default access credentials, either for the administrator, a guest account, or ISP support.

The credentials used are mostly “admin:admin,” “user:user,” “support:support,” “guest:guest,” and “admin:1234.”

A recent attack from Anonymous has knocked down Knesset.gov.il, the website of Israel’s Parliament. The Knesset has attributions such as passing laws and electing the president and the prime minister.