Celebrity hacktivist joins the Mid-East cyber-war
DoctorNuker talks politics to the Reg
An attack by pro-Israeli hackers against the Hizbollah and Palestinian Authority Web sites over a week ago initiated the current Middle-East cyber-war, which has widened considerably, lately affecting sites in other countries and drawing talent from overseas.
One incredibly prolific hacktivist and defacement artist known as DoctorNuker, founder of the Pakistan Hackerz Club, not only threw down the gauntlet on the Palestinian side last week, but even attacked an influential Jewish lobbying group on US soil -- the American-Israel Public Affairs Committee (AIPAC) -- with a hacked homepage featuring links to enormously disturbing photos of Israeli aggression dating from 1948 to the present.
More significantly, he also compromised two of the organisation's databases, one containing approximately 3500 e-mail addresses of members, and another containing the names, addresses and credit-card account details of roughly 700 donors.
The public exposure of personal data marks an interesting escalation in a battle previously characterised by the aggravations of packet floods and DNS hijacks.
"The idea of posting members' information came when I saw the e-mail addresses of [AIPAC contributors] belonging not only to big companies but government organizations -- US Senate and military departments. Nothing is effective unless it affects the big bosses," DoctorNuker told The Register.
Until now the Doctor has been concerned chiefly with India's heavy-handed treatment of Kashmir, attacking scores of sites and numerous US government facilities in protest, including the hacked homepage at the Department of Commerce, where he warned the USA to "stop interfering in our internal affairs....or we will perform our next nuclear test....in your ass."
The recent Palestinian cyber-resistance attracted DoctorNuker's interest because, as he told us, "we share the religion and we think alike."
Meanwhile, the AIPAC Web site remains off-line while the organisation seeks to beef up its security. AIPAC will resume its on-line presence in a week or two, but "may not continue signing members up on-line," AIPAC press spokesman Ken Bricker told The Register.
Interestingly, the people whose details were exposed have in large part been indulgent. "Of the sixty or seventy affected people who called us, most were sympathetic," Bricker said. "Only one I can remember was actually shrill."
Also notable here is the characteristic restraint with which PHC members and fellow hackers have treated the exposed database of credit information. "We're aware of only three incidents of fraud associated with the intrusion," Bricker told us.
Hackers, as we have pointed out before, tend not to be motivated by personal gain, but more by curiosity or bragging rights. Hacktivists, naturally, are even less concerned with material advantage.
Bricker interprets the hack as an opportunity to reflect on the importance of solid Web security, and emphasises that the organisation is in no hurry to restore the site until its vulnerabilities are understood and adequately addressed. The FBI's National Information Protection Centre (NIPC) is doing what it can to trace the attack back to its source.
DoctorNuker has of course assumed this much and says he "will not touch [AIPAC] for a while now....I know they are watching the logs and methods closely."
But he's far from backing down. He may need to leave AIPAC alone for a bit, but he'll be pleased to deal with other targets. He'll "continue the cyber attacks, some hidden hacks and some public defacements, until they realize that they are in trouble," he told us. ®
Sponsored: Magic Quadrant for Client Management Tools