4 Jan 2012

Saudi hackers target Israeli credit card details

Saudi Arabian hackers have claimed a successful cyber attack on Israeli computer servers, publishing the financial details and mobile phone numbers of an estimated 400,000 people.

Saudi hackers published details of thousands of Israelis' credit card details after an attack on a sports store's website (Getty)

In a message posted on the uncensored text hosting site PasteBay, the hackers, calling themselves group-xp, urged readers to: “Enjoy purchasing stuff for yourself in internet, like VPN, VPS, Software licenses, commercial emails, domains, etc. We even purchased security scanners like Acunetix to hack more servers using these cards!”

The details are believed to have been culled from the servers of an Israeli sports equipment firm. People who visited the company’s website were redirected to the page containing the hackers’ message.

But one cyber security expert told Channel 4 News the incident is probably nothing more sinister than a “corporate information breach”.

Dov Kotler, CEO of Israel’s largest card company, Isracard, said most of the 400,000 credit card numbers were incorrect or invalid. He estimated that only 14,000 of the numbers were actually valid.

It will cause embarrassment for the companies breached, but this is a traditional corporate information assurance issue, not a major cyber incident. Dan Soloman, security expert

According to Reuters, Mr Kotler said despite this, some of the stolen numbers had been used in fraudulent online purchases.

Group-xp claims to be the “largest Wahhabi hacker group of Saudi Arabia”. Given its Islamic basis, some analysts believe the attack may be nothing more sinister than an attempt to establish credentials among other Islamist hacker groups.

The hackers’ motives were also set out in their announcement: “What’s fun for us? Watching 400,000 people gathered in front of Israeli credit card companies and banks, complaining about cards and that they are stolen, watching Israeli banks shredding 400,000 credit cards and re-generate new cards (so costly, huh?), watching people purchasing stuff for theirself using the cards and making Israeli credit cards untrustable in the world, like Nigerian credit cards, and much more…”

Self-promotion

Dan Soloman, senior partner at security firm Hawk Intelligence Source Management, told Channel 4 News one possible reason for the breach may have been self-promotion: “Among the Islamic hacking community, if you want to get some credentials, then you attack Israel. I don’t think it means there’s an organised militia of pan-Arab hackers targeting Israeli infrastructure beyond the likes of Hezbollah and Iran.

And he thinks the incident is not the sign of something more sinister: “It will cause embarrassment for the companies breached but this is a traditional corporate information assurance issue, not a major cyber incident. It doesn’t indicate there’s a problem with Israeli national cyber-defence.

Among Islamic hackers, if you want to get some credentials, then you attack Israel. Dan Soloman

The website which was hacked soon returned to normal after the attack, and Isracard said it would be reimbursing customers whose cards had been used fraudulently as a result of the data breach.

Although the attack is not thought to be connected to the Saudi state, last year an adviser to the US Department of Defense told Channel 4 News cyber attacks presented a “major challenge” as the capabilities of hackers continued to grow.

James Farwell said: “In cyber attacks we have actors, some state-sponsored, some not, attacking states. But this is not a bunch of kids playing video games. They are developing industrial-grade technologies capable of enormous damage.”