Websites in Israel have been attacked by threat actors hoping to get cryptocurrency transactions
A hacker or hacker group made a massive attack
against multiple web pages in Israel, leaving thousands of websites out of
service, report network
security and ethical hacking specialists from the International
Institute of Cyber Security.
According to local media reports, the attacker/attackers
tried to infect thousands of websites with a variant of ransomware,
pretending to block access to these sites until they were made a ransom payment
in cryptocurrency.
The compromised sites showed the words “Jerusalem is the capital of Palestine”.
According to reports from experts in network
security, attackers got access to the compromised sites exploiting a critical
vulnerability in Nagich, a third party plugin used by Israeli websites for
accessibility for handicapped people. The attackers achieved their goal after
taking control of a registry on a DNS server in the domain name of the Nagich
service, which allowed hackers to redirect traffic to a server under their
control.
Network security experts concluded that Nagich
developers committed several elemental security flaws, an element that
contributed to the successful attack.
The laws of Israel state that any website that
provides a public service should be accessible to people with disabilities.
Some of the sites affected during this incident are Coca Cola, McDonalds and
the telecom company Golan Telecom, as well as some local news portals.
Nagich cybersecurity teams managed to contain
the attack about half an hour after it was detected, although some websites
were unavailable for hours.
After containing the incident, some specialists
took the time to criticize the company for the negligence committed; stressing
that Nagich had already been warned in the past about their security
failures. “This attack could have generated
billions of dollars in losses,” some experts commented.
