The two “white hat” hackers who discovered the website believe it was used to lure specific victims – presumably journalists – in order to collect their data in preparation for a future attack on their computers.
Israeli hackers have exposed a website that published personal data about high-ranking Israeli military and intelligence officials, a report by The Times of Israel says, citing Hadashot TV.
In particular, the website — the name of which remains undisclosed — has published personal details and pictures of the home and family of Mossad chief Yossi Cohen.
Avichai Adraee, the Arabic spokesperson for the Israeli Defense Forces, also had his personal data leaked via the website, the report says.
The website was reportedly advertised via social media in an apparent attempt to lure journalists, the report says. Any person visiting the website also had their personal data collected.
“As soon as you enter the site, you reach the main page, which already shows you photos of Yossi Cohen and Avichai Adraee, with pictures of the Mossad headquarters in the background,” says Yuval Adam, one of the two computer security specialists who discovered the website and reported it to the National Cyber Authority, which launched an investigation, the report says.
Adam was one of a team of hackers combing Twitter as a part of a project aimed at detecting accounts responsible for the spread of fake news.
“We managed to break into their system and find some interesting things there, such as the fact they were operating from the Beirut time zone,” Noam Rotem, the other hacker, said.
While this may indicate that the website is based in Lebanon, the time zone also includes Israel itself, as well as most of Eastern Europe and several African nations.
The hackers reportedly identified a weakness in the website’s code which allowed them to access the server on which it was hosted. After examining the website, they concluded that its primary goal was likely not so much to expose the Israeli officials’ personal data, but to lure specific victims in order to attack their computers in the future.
According to Hadashot, the unnamed website was still operational at the time of the report; the TV channel warned that visiting the website might result in exposure and collection of personal information.