Operation Free Palestine, the op started by TeaMp0isoN, Anonymous and other hacktivist worldwide, continues. As a result, members of TeaMp0isoN published the credit card details of more than 26,000 Israeli citizens obtained from a couple of major Israeli websites, including One (one.co.li), the site that not long ago fell victim to another hacking operation that ended the same way.
A massive database published online reveals names, email addresses, birth dates, card types, card numbers, card expiration dates, cardholder genders and CVVs. Most of the information, around 22,000 record sets, was obtained from the sports site One and the other part from a site called Citynet (citynet.co.il).
We’ve contacted the hackers to learn more details and apparently, both sites were using the same type of billing software which was found to be vulnerable, allowing members of TeaMp0ison to obtain the massive quantity of data.
As most people may know, this is not the first time when One was breached by hackers. At the beginning of 2012 a hacker named 0xOmar managed to accomplish the same thing, leaking the details of 18,000 credit cards.
It turns out that TeaMp0ison didn’t even know about 0xOmar’s hack and the fact that they targeted One was a strange coincidence.
“We picked up from where OxOmar left off, even though, we didn’t know he hacked one.co.il, until now,” said one of the hackers.
“We were just targeting Citynet and realized that it had the same software on one of the sub-domains as one.co.il had.”
While many websites fail to patch their vulnerabilities after being hacked, it shouldn’t surprise anyone that One failed to do so, but this is not the main problem.
The hackers used random credit cards to make donations to Palestinian charities and apparently many of them still work, which means that Israeli banks failed to cancel some of their customers' cards after 0xOmar leaked their details.
Around 15 Palestinian charities benefited from donations made by the hackers using the credit card information acquired from the Israeli sites and to prove it they even provided us a copy of a donation confirmation received from one of the organizations.
This is a subject that will be detailed at another time, but the member of the hacktivist collective in charge of making the donations claims that there were never chargebacks, like some experts said when Operation Robin Hood began.
On the same Pastehtml webpage where the data was published, the hackers also posted a YouTube video featuring Rafeef Ziadah, a Canadian-Palestinian spoken word artist and activist, reciting a poem dedicated to Palestinian solidarity. The video is available below.