Israeli Trojan Trap Set to Bait #OpIsrael Anonymous Campaigners


#OpIsrael is an annual Anonymous campaign that wages DDoS and other cyber attacks against Israeli government agencies, websites and businesses. April 7 is earmarked as the start of the annual campaign –  the day #OpIsrael was officially launched in 2013, because Israel’s National Holocaust Remembrance Day fell then on the 8th.

The initial 2013 attack saw mass amounts of data uploaded and released, including over 100,000 Israeli websites disrupted and costing around $3 billion US in damages. Since the 2013 campaign, it has become an annual event for Israel to prepare for the upcoming attacks.

The attacks are in response to Israel’s continued human rights violations against the Palestinians.

Over the years, #OpIsrael Anonymous members have found themselves exposed as pro-Israeli forces retaliate. In 2014, “Buddhax”, an Israeli hacker linked to the Israeli Elite Force, exposed several Anonymous members by posting IP addresses, locations and photos that supposedly were recorded via Anonymous hackers’ webcams – a claim some still dispute.

This year, like previous years, the #OpIsrael campaign began forming over numerous Facebook, Twitter and YouTube channels, in preparations for the annual April attacks. Rallying hackers to the call of #OpIsrael, the campaign has not been swayed by pro-Israel retaliation.

However, in the recent 2017 campaign, US cyber security firm Digital Shadows discovered a Twitter account offering free DDoS tools to anyone wanting to participate in #OpIsrael. Generally, this isn’t an unusual practice, but these particular DDoS tools were discovered to contain malware capable of spying on those using it. In short, a trap was laid to target OpIsrael participants with malware.

Heavily redacted Twitter account of the source of the Trojan Trap. Source: Digital Shadows.

“We recently identified evidence indicative of a malware distribution campaign apparently intended to deploy remote access trojans (RAT) onto the machines of hacktivist actors engaged in supporting the 2017 iteration of OpIsrael,” Digital Shadows announced.

“While monitoring for activity relating to OpIsrael, Digital Shadows identified a Twitter account sharing links to what were claimed to be two denial of service (DoS) tools – one for Windows and one for Android devices. The tweets encouraged users to download these tools in order to participate in OpIsrael and featured multiple hashtags used by this campaign, as well as Anonymous collective imagery.”

The DDoS tools were for both Android devices and Windows-based systems.

Although the actors are unknown, Digital Shadows forewarns it isn’t unlikely that the Israeli government is ramping up actions to mitigate future OpIsrael campaigns. However, it could also be an individual either working for the government or for themselves.

Despite the lack of information on the individual(s) responsible, the downloading of this particular RAT will compromise the infected device’s “device’s camera, SMS messages, microphone, browser, call logs and physical location via GPS.”

All those participating in the Anonymous campaign #OpIsrael must remain vigilant with their privacy and cyber security. Take all necessary precautions and it goes without saying that common sense prevails – don’t download anything that cannot be verified to you as a ‘trusted source.’

The Israeli government has since increased their presence in Palestinian territories, ignoring the United Nations Resolution that Israeli settlements in the Gaza are illegal. Recent UN reports finding Israel guilty of apartheid were retracted, and respected United Nation’s Under Secretary General  Rima Khalaf was forced to resign after immense pressure from the Trump administration.

The Trump administration has since vowed to correct Obama’s call not to veto the UN’s December resolution, and to “support” Israel in either a “one-state” or two-state resolution, depending on what Israel decides.

This article (Israeli Trojan Trap Set to Bait #OpIsrael Anonymous Campaigners) is a free and open source. You have permission to republish this article under a Creative Commons license with attribution to author Aral Bereux and DNewsHQ.

Supporting Independent & Investigative News is important to us. Please, follow us on Twitter: Follow @DNewsHQ