Palestinian hackers with criminal subculture go global

Check Point was able to spot over 10,000 attacks in the previous year from the Gaza Strip and Egypt. Social media groups and a subculture of crime even produce how-to guides for online theft.

Hacker in a hood (photo credit: INGIMAGE)
Hacker in a hood
(photo credit: INGIMAGE)
Gazan cyber-hackers are growing in ambition and scope of operations, Israeli cyber-security company Check Point claimed in a Wednesday report that takes readers into the online forums and chats of those “in the life.”
“Palestinian hackers are mainly interested in creating a stable source of income for themselves,” Check Point’s head of network cyber security research Adi Ikan told The Jerusalem Post. This can be done in two ways: having the victim call a premium number the hacker owns, or selling airtime to a third party at the expense of the victim. Hacking attempts from Egypt were also detected.
Premium numbers are numbers that charge a fee when you call them and, in return, offer a service. They are used in a scam known as International Revenue Sharing Fraud (IRSF), where a hacker instructs the phone system in a company, or even the victim’s phone, to dial such numbers repeatedly.
Such calls can run up a tab of even $166,000 in a single weekend, as happened to Bob Foreman when his architecture firm was hacked in 2014, according to The New York Times. The numbers were in Somalia and Gambia; all the calls took place when nobody was in the office to notice them.  
Due to many companies using Voice over Internet Protocol (VoIP), which is a way to conduct telephone conversations digitally, hackers can sell airtime to a third party at the expense of the victim. Want to talk to your sister in Washington but can’t afford to call? The hacker could sell you the airtime for a fraction of the cost, since he’s not paying for it after all.  
Using a security gap in FreePBX servers – a web UI that manages Asterisk, the world's popular VoIP framework – hackers can also record calls, send instructions as if they owned the company and, in theory, blackmail or commit industrial espionage. 
Check Point White Hat hackers were able to find a “business card” of one of the criminals, inje3t0r3-seraj, who wanted to boast about his abilities.  
“It’s a stage name and how you build your reputation,” Ikan explained. “This is one way to network. People see you have the abilities and want you to do stuff, you ask them to do stuff for you and this is how a social group is formed.” There are Facebook groups and forums in Arabic where different aspects are discussed and tips given.  
Why would highly educated people turn to crime and not take on a legitimate job? “Well, they can make a lot of money this way,” Ikan explained, “and they like the challenge, this idea that they can beat the system.”
The attacks are not ideologically motivated; more than half of them (52%) are directed at the UK, with the Netherlands (21%) and Belgium (15%) coming after. Hamas, it seems, is not interested in fighting cybercrime in the Gaza Strip. Check Point did not get any requests to share their findings with the terrorist organization.  
How can companies stay safe? Check the phone bill for any unknown calls, change passwords often, and of course, be aware that cyber security companies such as Check Point offer services to protect IPs.