Arab hacker claims hacked into Israeli government sites

After exposing credit card numbers, Facebook passwords belonging to Israelis, 'Emad' allegedly hacked Israeli websites ending in Gov.il

Shahar Shoshan|Published: 08.09.12 , 22:28

The hacker known as Emad, aka M.R.S.CO, who posted the credit card details and passwords of Israeli citizens on Tuesday posted a list of Israeli government sites that he claims to have hacked. The list includes sites for the Prime Minister's Office, the President of the State of Israel, the Ministry of Environmental Protection and the Accountant General.

These sites have apparently not been affected by the attack except the Soil Erosion Research Station at http://sers.gov.il which redirects to the hacker's Website.

The hacker has apparently hacked the server farm that hosts the websites, gained access to the archived files and changed the image on the homepage to an image linking to his website.

It should be noted that website hacks are as common as home break-ins and usually don't carry serious consequences. Some government sites which end with Gov.il actually belong to independent entities.

Such sites receive the government domain name but are stored on private servers, not on secure government servers. This is probably the case with http://sers.gov.il

The Finance Ministry, which is in charge of the government server farm said, "The sites on the hacker's list are government sites managed by the Israeli Accessible Government framework. Therefore information about these sites' names and web addresses are accessible to anyone on the Internet so anyone could have posted the list. None of these sites has been hacked or defaced."

מתוך אתר של ההאקר

From the hacker's website

The Finance Ministry added that "Not all sites ending in gov.il are kept on the Accessible Government framework. For example, sers.gov.il, the site which was defaced on Tuesday, is not on Accessible Government. We implement the best security measures to prevent the hacking of sites on Acessible Government and we update the procedures accordingly."

Erez Wolf, A product manger at WebsPlanet tried to track down the hacker. In his blog Wolf mentions that according to zone –h, a credible website on hacking, this hacker has been credited with numerous hacks.

מתוך אתר ההאקר

Emad's website

Wolf says that the Hebrew on the hacker's website seems not to have been translated via a translation application software such as Google Translate but rather by a human translator.

Wolf assumes that "Emad" is probably a hacker based in Iran.

If this is true then the hacker is a pro who has hacked and posted thousands of messages in recent years. He has also been known to hack Arab websites, Shia-Islam Websites and sites depicting what he sees as female nudity or heresy against Islam.