Hacktivist tool targets Hamas

DDoS street protest covers both side of Gaza conflict


Israeli cyberactivists are inviting pro-Israeli surfers to install a tool that attacks websites associated with Hamas.

This "Patriot" tool effectively turns the computers of sympathisers of the Israeli cause into zombies - albeit willing, complicit ones - in the control of Israeli hackers.

The hackers are working under the banner of the Help Israel Win collective, which was formed last month at the start of the conflict in Gaza. "We couldn't join the real combat, so we decided to fight Hamas in the cyber arena," one of the group's organisers, 'Liri', told Wired.

The package developed by the group is designed to overload websites associated with Hamas, such as qudsnews.net and palestine-info.info, with spurious traffic. Israeli hackers claim that 8,000 have downloaded and installed the Patriot software.

Conflict in cyberspace is one aspect of a propaganda offensive that has accompanied the war in Gaza, and the decades-long Israeli-Palestinian conflict. Help Israel Win is vague about how its Patriot software works, preferring instead to stress its opposition to Hamas, which has the stated aim of destroying the state of Israel.

The Patriot package, according to Help Israel Win, "unites the computer capabilities of many people around the world. Our goal is to use this power in order to disrupt our enemy's efforts to destroy the state of Israel. The more support we get, the more efficient we are."

SANS Institute security researchers warn that the Patriot tool leaves the door open to abuse. "While at the moment it does not appear to do anything bad (it just connects to the IRC server and sites there - there also appeared to be around 1,000 machines running this when I tested this) the owner can probably do whatever he wants with machines running this," SANS researcher Bojan Zdrnja writes.

A Help Israel Win representative conceded to Wired that "the Patriot code could be used as a Trojan. However, it is not used as such, and will never be."

"The update option is used to fix bugs in the client, and not to upload any malicious code. The project will close right after the war is over, and we have given a fully functional uninstaller to [remove] the application," a representative added.

It's not particularly clear how effective the Patriot tool has been in silencing allegedly pro-Hamas websites, but Help Israel Win has been forced to repeatedly shift its website location in response to attacks for hackers sympathetic to the Palestinian cause, Wired adds.

Security tools firm Arbor Networks reported earlier this week of an increase in botnet attacks on Israeli targets as well as confirming that Help Israel Win was offering what it described as a "simple Windows tool" to target Palestinian websites.

"This is an example of DDoS attacks being used as a form of street protest and something that is becoming increasingly common," said Arbor researcher Jose Nazario.

Other experts confirm that hackers from the wider Muslim world are piling in on behalf of the Palestinians. "Our observations suggest that a large number of Web sites have been defaced by a variety of hacker groups from Iran, Lebanon, Morocco and Turkey, and the trend is accelerating," said Bruce Jenkins, a retired Major with the US Air Force and consultant with application security firm Fortify Security. ®

Similar topics

Broader topics


Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022