Anonymous (OpJerusalem/OpIsrael): Over the weekend, millions of Israeli websites were compromised and turned into watering holes in an attempted ransomware attack on Israeli citizens. The hackers, who were not identified but are possibly tied to Anonymous, compromised a website called Nagich which provides plugins on millions of Israeli websites to allow accessibility options for those with disabilities. The effected websites were defaced with a message reading, “Jerusalem is the capital of Palestine #OpJerusalem”, which is a common phrase used by Anonymous and their supporters as part of the OpJerusalem, OpIsrael, and OpPalestine campaigns. While the majority of the affected websites have strong security measures in place, the inside access that the Nagich has allowed the attackers to circumvent that security. Some websites, such as certain banks, have strong enough security in place that it was still successful in blocking the attack being launched through Nagich. The attackers were hoping that the websites that they compromised could be used to deliver ransomware to the websites’ visitors, but it appears to have been completely unsuccessful. The cyber security division of the Prime Minister’s office was quickly notified of the attack and the damage was quickly remediated.
Analyst Notes
With the significant amount of attention being given to the OpIsrael campaign this year, it is possible that this was intended to be an initial blow to Israel in the campaign to keep security personnel busy leading up to the attacks in early April.
