skip to Main Content

Anonymous hacked over 1 mln corporate pages to display a political message

Safety Detective: In the last week end, Anonymous hacked over 1 million pages on hundreds of corporate websites, especially in Israel. The goal was to display a political message of #OpJerusalem. Moreover, the hactivists spread a ransomware

Over 1 million pages on hundreds of websites were hacked by Anonymous activists in the last week end to display a political message. It has been reported by Safety Detective cyber security experts. The cyber attack was quickly contained, but many corporate websites, especially Israeli, including those of Coca-Cola, Groupon, Toys R Us, McDonald’s, and Fiverr, were affected. Security expert, Ran Bar Zik, reported that the vulnerability was first posted on Twitter by researcher Yuval Adam of Cryptoparty. Anyone surfing on one of over a million webpages affected by the breach at the time, would have seen the message “Jerusalem is the capital of Palestine #OpJerusalem”, written in red on a black background. Moreover, the defaced page hosted a malware, a ransomware with an embedded link thanks to a third party accessibility plug-in for the disabled, used across many Israeli websites.

The cyber attack, blocked within an hour, demonstrated the risk for cyber security of using unsecured third party plug-ins across many websites

Anonymous hackers, according to Safety Detective, were able to replace the accessibility plugin with malicious JavaScript code that displayed the controversial political message, and embedded a link that downloads ransomware to the users’ computer. Though at first not all researchers were able to detect the problem, a change to the DNS server produced the vulnerability. By taking control of DNS server records, the hactivists were able to redirect traffic to one of their servers. As more DNS servers began to produce the vulnerability, more surfers began seeing the message. The cyber attack was resolved in under an hour, but it demonstrated the risk for cyber security of using an unsecured third party plug-in across so many websites. Paradoxically, it was lucky that the group decided to make the attack about a contentious political message, rather than focusing on economic damage. It would have resulted in much greater harm.

Back To Top