US, Israel make arrests related to JPMorgan hack


U.S. and Israeli law enforcement agencies have arrested four people in Israel and Florida related to securities fraud tied to computer hacks of JPMorgan Chase & Co and other financial institutions, Bloomberg reported, citing sources.

Israeli police spokesman Micky Rosenfeld said he did not have details of a scam involving JP Morgan but confirmed three arrests.

“Three Israeli citizens were arrested on Thursday and have been remanded in custody, appearing in court in Rishon Lezion, near Tel Aviv,” Rosenfeld told Reuters.

A fifth person remains at large, Bloomberg reported, quoting officials.

JPMorgan said last October that names, addresses, phone numbers and email addresses of about 83 million customers were exposed in a hacking attack, making it one of the biggest data breaches in history.

In the indictment, which was unsealed on Tuesday, two people were charged with securities fraud in a plan to pump up the value of low-volume stocks, Bloomberg said. (http://bloom.bg/1MmSUiI)

Two people arrested in Florida are charged with running an unlicensed money-remitting business related to the scheme, Bloomberg added.

Pro-Palestinian hacking group attacks WhatsApp website


A pro-Palestinian hacking group disrupted the website of the Israeli-developed mobile messaging application WhatsApp with anti-Israel messages.

The denial of service attack on Tuesday, which also struck the website of anti-virus software maker AVG, redirected users to sites that read “long live Palestine” and “there is no security, we can catch you” above the logo of Anonymous Palestine.

The hacker group Anonymous has tried to “erase Israel from the Internet” in previous concerted attacks on Israeli government, business and social media sites.

Network Solutions, which registers domain names, provides hosting services and sells other website-related administration services, including to WhatsApp, said Wednesday that it was investigating the attack.

The hacking group, called KDMS Team, announced its responsibility for the attack on Twitter. In one tweet it lauded the fact that 850,000 people had seen their message. In another it wished “Peace From #Palestine, The Stolen Land.”

WhatsApp was back online Wednesday.

Hackers use new tactic to attack U.S. media sites


Hackers promoting the Syrian Electronic Army simultaneously targeted websites belonging to CNN, Time and the Washington Post on Thursday by breaching Outbrain, a firm which publishes content recommendations on those sites.

That resulted in some WashingtonPost.com and Time.com customers being redirected to the website of the Syrian Electronic Army when they clicked on the content from Outbrain, said Outbrain Vice President Lisa LaCour. The CNN International site briefly displayed a headline that said “Hacked by SEA,” she said.

The Syrian Electronic Army is an online group that supports Syrian President Bashar al-Assad and has been linked to several high profile attacks. They include one on the Associated Press' Twitter feed in which a bogus message was sent out about explosions at the White House.

The latest attacks were significant because the hackers simultaneously targeted several sites by breaching a single supplier whose content is published on multiple platforms.

In previous campaigns linked to the Syrian Electronic Army, hackers have breached networks using similar tactics. But in those cases emails were sent to employees of a single specific media outlet they were targeting, which made preparations for the attacks more labor intensive.

Outbrain, which posts content on a large number of prominent news sites, took down its entire network at about 11 a.m. EDT (1500 GMT) on Thursday, before the hackers could do any more damage, LaCour said.

The company's technicians, who are based in Israel, cleaned up the network and planned to restore service late on Thursday, she said.

Outbrain said the hackers got in after sending a phishing email to all company employees on Wednesday that purported to be from the CEO. An employee provided login credentials in response to that email and then the hackers were able to get other credentials for accessing internal systems, the company said.

Chris Wysopal, chief technology officer for software security firm Veracode, said he believes that hackers will increasingly choose to go after third-party providers because their security is likely to be more lax than that of their customers.

“As the Internet becomes more interconnected, this risk is going to increase,” he said.

Time and CNN, both owned by Time Warner, and the Washington Post all said they believed that their sites had not been impacted by anything besides the attack on Outbrain.

Computer virus attacks Israeli Facebook users


A computer virus attacked thousands of Israeli Facebook subscribers days before a threatened mass cyber attack on Israeli websites.

More than 2,000 Israeli Facebook users clicked on the malicious link Wednesday; 14,500 users worldwide clicked on the link. Nearly 4,000 Israeli Facebook users also shared the link with their friends.

It was unclear exactly what the link does besides replicating itself on Facebook, according to reports.

The virus comes four days before a threatened cyber attack operation on Israeli websites by the hacker group Anonymous and other hacker groups.

Anonymous in an operation code named OpIsrael has threatened to “wipe Israel off the Internet” by targeting dozens of Israeli websites, including banks, credit card companies and government sites.

It is not believed that the Facebook virus is related to the planned cyber attack.

Reform congregation websites hosted by URJ are hacked


The websites of several congregations hosted by the Union for Reform Judaism were hacked and linked to anti-Semitic websites.

Following the weekend hacking, the URJ pulled down the websites for scanning and clean-up, according to Mark Pelavin, the URJ's senior advisor to the president.

In an e-mail to JTA, Pelavin said the sites were set to be brought back online by Monday evening, adding that URJ made some changes to its security protocol.

The hackers appear to be a group calling itself Moroccan Ghosts, according to Jeffrey Salkin, the Anti-Defamation League's New Jersey community director.

Since March, Moroccan Ghosts has hacked some 82 websites, mostly in the United States, but also in France, Britain, Vietnam, South Africa, Germany, Spain and China, the ADL said. The Facebook page of Moroccan Ghosts includes graphics reading “Free Palestine,” as well as an Israeli flag ripped in half and on fire.

A member of the group, a 17-year-old hacker from Morocco who calls himself King Neco, in an interview from over the summer with Eduard Kovacs on the Softpedia website, identified as part of the organization's objectives “Defending Palestine and Jerusalem 'al Qods.' “

Saudi hackers release Israelis’ credit card details


Saudi hackers released the credit card information of hundreds of thousands of Israelis online.

Members of the Saudi hacking ring Group-XP took credit for the release of the information on Jan. 2. The information, including credit card details, the holders’ names, addresses, phone numbers and national identification numbers, were posted on a popular Israeli sports Web site.

Calling the posting of the information a “gift to the world for the new year,” the hackers said they hoped it “would hurt the Zionist pocket,” according to Ynet.

The information reportedly came from Jewish Web sites from which Israelis made purchases, as well as a Web site for making donations.

The Bank of Israel released a statement saying that the approximately 15,000 credit card holders affected by the hacking will not be responsible for fraudulent charges based on the incident.

Jewish group claims Hamas hacked its website


The website of the Jewish People Policy Institute was hacked Thursday by a group that the institute claims is affiliated with Hamas.

The JPPI, a Jerusalem-based think tank that focuses on the Jewish future and Israel’s security, issued a statement saying hackers took over its website, then posted a picture of an Israeli tank and a Palestinian child on the English section, and removed a recently uploaded assessment and analysis documents.

The documents that were removed were written by JPPI’s senior staff, including a paper dealing with the participation of world Jewry in decisions relating to the political process, a document concerning the deligitimization of Israel,  an assessment of the situation of European Jewry, and a document summarizing the discussion of Israel’s controversial Conversion Law and its ramifications.

JPPI is claiming that the group that hacked its site has ties to Hamas.

“The hackers’ website is identified with the Hamas movement and we know for sure that they are operating from the Gaza Strip,” a spokesman for the JPPI told JTA.