If you follow the security and hacker world, you’ll know that there is a constant tit-for-tat battle going on across countries, religions and ideologies. One group will deface a certain web site usually with badly spelt propaganda and ‘1337 speak’, then a few days later another group will retaliate with an attack on a different web site. There’s lots of threats and tough talk, and it sometimes seems like there are literally thousands of these groups all over the world fighting their own cyber way.
The reality is that it’s been happening for so long it doesn’t really make much impact any more, unless it’s a really big commercial name. There’s another problem with this attack method, especially due to the minimal impact – it usually takes much more effort than it’s worth. Of course there are literally thousands of ways to hack a web site – vulnerabilities on the code, the host, bruteforce passwords or pinch user credentials – the list is virtually endless.
However it does take time, and can take an awful lot of effort which is why it often looks like a complete waste of time. You spend days finding out a web sites vulnerabilities and hack into it, replace it with your leet message – then take a couple of screenshots. What happens then? The owner changes all the password, closes the vulnerability and restores the original from backup and it’s all back to normal. Unless you dash out and advertise the hack, then it’s likely not that many have even noticed and those who do have seen it all before anyway. Of course if it’s a bank or a big commercial site then there is much more of an impact and of course commercial implications – but those sites are likely to take much more effort and resources to hack into anyway.
Which is why I think this was a rather innovative angle by a group of pro-palestinian (or perhaps just anti-Israeli) hackers called AnonGhost (not impressed with that name!). They’re involved in an cyber offensive against the Israeli’s, which sounds a bit more impressive than the reality, and have been for several years in line with other Muslim extremist groups like ISIS. It all get’s very messy here as you have a ‘free speech’ hacker group like Anonymous, working towards the same target alongside ISIS sympathising hacking groups such as AnonGhost. Obviously supporting any ISIS related group is kind of a backwards step toward promoting free speech and liberty.
Anyway the point is that instead of just stealing a few user details and posting up a bit of tedious cyber graffiti which is overwritten half an hour later, they did something different. They stole lots of credit card details from an Israeli based site and posted some of them online, the rest they used to make donations to a Palestinian children’s charity.
Well that’s the story at least, there is a little bit of evidence to support it but not enough to be completely sure. The irony of course relies on these being stolen Israeli credit cards. Though whether the payments were completed by the charity site – fundrazr, is also perhaps difficult to believe -especially after the facts were posted all over the web.
As usual, the attackers probably didn’t hide their tracks very well and unless they used some very secure VPNs, like these, have probably now got loads of their details listed on databases compiled by various security agencies like GCHQ and the NSA. However as a stunt, it was at least a little bit innovative.