Security Brief: Israel, Palestine, Malware
The main cyber security events of the week between November 19 - November 25
This week, Israel and Palestine have signed a ceasefire agreement and most hacktivists stopped launching cyberattacks. However, before the agreement was signed, hackers from both sides launched numerous attacks.Pro-Palestine hackers breached several websites as part of OpIsrael, including ones of Microsoft. They’ve also leaked the details of thousands of Israelis, and they’ve even utilized some of the dumped email addresses to send threats to the country’s officials.
Israel admitted that tens of millions of cyberattacks were launched against government systems, but they claimed that none of them was successful.
Shortly after this statement was released, ZCompany Hacking Crew (ZHC) hackers gained access to a number of online accounts owned by Israel’s Vice Prime Minister Silvan Shalom. They defaced his YouTube, Facebook, Twitter, LinkedIn and Blogger accounts and even leaked some emails from the official’s Gmail.
After the ceasefire agreement, Anonymous urged hacktivists to stop the attacks, arguing that they will not interfere with peace.
On the other side of the fence, Pro-Israel hackers disrupted a number of Hamas websites and breached the systems of Palnet, one of Palestine’s largest ISPs.
Another hacker claimed to have leaked the details of 1 million American users in response to the attacks launched by Anonymous against Israel. However, it later turned out that the published information didn’t belong to Americans, being copied from an older data dump.
A couple of interesting pieces of malware were presented by security researchers this week. One of them is a rootkit that targets Linux systems.
The second one, called Narilam (“Mal Iran” written backwards), has been found to destroy the databases of corporations from the Middle East.
In other malware-related incidents, France accused the US of hacking into the former president’s computer systems by using the notorious Flame.
The US flatly denied the accusations, highlighting the fact that France is one of their greatest allies.
As far as vulnerabilities are concerned, we've learned that Adobe still hasn't fixed the security hole that affects Adobe Reader X and XI. Also, experts came across a Yahoo! Mail zero-day exploit that's currently sold for $700 (€550) on hacking forums.
In case you've missed it, LulzSec Jeremy Hammond has been denied bail. Also a number of four alleged Anonymous hackers are accused by PayPal of causing damages totaling £3.5 Million ($5.5 million / 4.3 million EUR).
Finally, Britain’s Prince William wanted to show the world some photographs picturing him on a regular day at the Royal Air Force Valley base. However, RAF representatives forgot to check out the pictures before they were posted online.
They only later noticed that some of them contained usernames, passwords and other sensitive information.