Hackers attacked and defaced thousands of Israeli sites

On May 21, 2020, the hacker group Hackers of Savior attacked thousands of Israeli sites. Most of the affected resources, many of them belonged to large companies, were hosted on uPress – Israeli WordPress hosting.

According to the official statement of the hosting company, for hacking, attackers took advantage of the vulnerability in an unnamed WordPress plugin and disabled more than 2000 sites.

“On hacked resources, attackers posted anti-Israeli messages, and also infected the sites with a malicious script that requested permission to access visitors’ webcams”, – said uPress representatives.

According to Profero experts, there were two versions of this script: one requested access to users webcams, and the second tried to take a picture of the user and upload the picture to a remote server.

Also on all infected sites, hackers posted a YouTube video with the message: “The countdown for the destruction of Israel began a long time ago

Hackers attacked Israeli sites

UPress reports that it is investigating the incident and has already involved local law enforcements. Currently, the host’s specialists have temporarily suspended the work of the affected resources and have already got rid of the malicious files used by the hackers. Now continues work on restoration of normal functioning of sites.

“The Hackers of Savior group, according to preliminary data, has nine members living in Muslim countries, such as Turkey, Palestine, Morocco and Egypt. The attacks of the group were conducted on the Israeli national day, Jerusalem Day, dedicated to the reunification of Jerusalem after the Six Day War (1967)”, – reports ZDNet magazine.

Israel’s National Cyber Directorate has already warned users against any interaction with any hacked sites. The fact is that not all resources went offline – some of them are still available, and are most likely cached by CDN providers.

I must say that the Israeli media actively report that the responsibility for this attack lies on the “Iranian hackers”, but so far, there is no evidence of Iran’s involvement in this incident.

Last month, the Israel government told water treatment companies to change passwords after hackers tried to access water supply and treatment systems. Iran was blamed in his attack in non-public sources, which contradicted the overall opinion of the Israeli cyber-security community.

Additionally, hackers tried to attack Israeli resources during Eurovision in 2019. We also reported that Israel, for example, could respond to a cyberattack with a real missile attack. It is still hot in the Middle East.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Sign in with Apple vulnerability

Apple paid $100,000 for “Sign in with Apple” vulnerability

Indian security specialist Bhavuk Jain received $100,000 from Apple via bug bounty program for detecting …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.