Muslim hacker group defaced thousands of Israeli Websites via WordPress Plugin

According to cybersecurity specialists, a group of Iranian hackers managed to access a set of Israeli websites in retaliation to various warfare actions; apparently, at least 2,000 websites based in Israel were completely defaced during the attack.

After the attack was completed, the hackers posted anti-Semitic propaganda on the homepages of the attacked sites. Shortly thereafter, Israel’s National Cyber Directorate confirmed the incident.

Israeli authorities assure their citizens that the incident is already being dealt with, although correcting all damages could take time. Therefore, users are advised to refrain from entering the compromised websites or clicking on any posted links. Incident investigations report that the attacked sites are hosted by uPress, an Israeli-based service provider.

The attacked sites appear to belong to several municipalities, to United Hatzalah (a volunteer-based emergency medical services organization), the Kinneret Authority (Sea of Galilee), several NGOs based in Israel, the official site of the Meretz party leader, Nitzan Horowit, food chains, among other organizations.

Shortly after the information was leaked, the hosting services company also acknowledged the incident, mentioning that threat actors had exploited a vulnerability present in a WordPress plugin, allowing them to expand the attack. UPress representatives also mentioned that they have already made contact with the Israeli authorities to continue the investigation.

A message posted by the hackers mentions: “The countdown to the destruction of Israel has begun.” Threat actors also posted threatening phrases, links to YouTube videos, and images of what they called “The Destruction of Tel Aviv.”

Regarding the reasons it occurred, cybersecurity specialists point out that the attack came just days after a cyberattack was reported at an Iranian port, although Iran’s government has not presented evidence to support its claims. According to several reports, the cyberattack at the port of Shahid Rajaee in Iran was executed by Israel. A hacker group called “Hackers of Savior” has been identified as the main suspect in the attack. According to a report by the specialized platform ZDNet, the group consists of at least nine prominent hackers from various Muslim countries such as Turkey, Palestine, Morocco and Egypt.

For cybersecurity experts, this is yet more sign of the upcoming wars also being deployed in the field of computing, which is fearsome due to the advancement of cyber weapons and attack methods, which already have the potential to generate disaster at the national level.