-Caveat Lector- On Sat, 28 Oct 2000 19:39:55 +0200 "Big...BugBrother...Band" <[EMAIL PROTECTED]> wrote: [: hacktivism :] b! -- if anybody has more precise informations, and links, feel free to pass it on there's also another story there : Arabs unify in �cyber-war� against Israel Hackers crash Jewish state�s most high-profile websites Ranwa Yehia Daily Star staff http://www.dailystar.com.lb/26_10_00/art2.htm _________________________________________________________ Preliminary Analysis of Cyber Skirmish in the Middle East iDEFENSE Intelligence Services http://www.idefense.com October 27, 2000 09:30 p.m. EST Overview: iDEFENSE Intelligence Services has been monitoring an increasing level of cyber attacks carried out by pro-Palestinian and pro-Israeli groups. This activity has paralleled the increase of tensions and violence on the ground. So far, at least 18 sites have been hit by pro-Palestinian attackers and at least nine sites by pro-Israeli attackers. There has been at least one threat by a pro-Palestinian hacker to carry out distributed denial of service (DDoS) attacks, such as those carried out in Feb. 2000, against "Zionist" sites. iDEFENSE expects to see a full range of cyber actions over the coming weeks to include additional defacements, system penetrations, the possible use of viruses or Trojan horses, disinformation campaigns, denial of service attacks and a variety of other tactics. Key Players: Preliminary analysis by iDEFENSE has identified a number of key players and organizations involved in the attacks. Pro-Israeli individuals and groups include wizel.com and a.israforce.com. Pro-Palestinian individuals and groups include, ReALiST, PROJECTGAMMA, dodi, UNITY, Xegypt, Hezbollah, Ummah.net, Arab Hax0rs and al-Muhajiroun to name a few. The active support by al-Muhajiroun for the current cyber activity is significant due to the group's well-known history for supporting traditional terrorist actions and its ties to Osama bin Laden. Al-Muhajiroun is headquartered in London. The leader of al-Muhajiroun in the UK is Anjem Choudary. It boasts chapters in Pakistan, the US and other countries around the world. Sheikh Omar Bakri Mohammed is a key leadership figure in the group. The group hosted a conference in 1998 in which Hamas, Hezbollah, and Egyptian and Algerian fundamentalist groups took part, and has continued to be a major player in terms of trying to unify the "jihad" campaign against the US and Israel. The group has stated that the US, Israel, Russia and Britain have declared war on Islam. The British Charity Commission reportedly withdrew al-Muhajiroun's charity license around Nov. 1999. The licenses for the Sharia Court of the UK and the London School of Sharia were also revoked. All three organizations are supervised by Sheikh Omar Bakri Mohammed. Targets: Sites targeted by the Pro-Israeli side include: Almanar.com.lb, Hamas.org, 207.222.197.194 (Hezbollah), 216.147.45.137 (Hezbollah), Hizbollah.com Attack, pna.org, palestine-info.net, nasrallah.net, moqawama.org, manartv.com, and JMJ Internet Services. Sites targeted by the Pro-Palestinian side include: Bank of Israel, Tel Aviv Stock Exchange, Netvision, Wizel.com, Cairo.eun.eg/hacked.asp, Ebrick, Inc., Gega Net ISP, Gilo.jlm.k12.il Attack, Israel.org (147.237.72.20), Israeli Academic Sub-Domain, Israeli Defense Forces (IDF) and the Israeli Foreign Ministry. Actions: ReALiST has claimed responsibility for the Web page defacements against egynile.com and cairo.eun.eg/hacked.asp. He is a member of the xEgypt hacker group. In a message posted to an Arab hacker bulletin board, ReALiST said, "I'm thinking of something like DDoS, on major Israel networks and sites, and sending emails helping all Arab ISP's and sites for more security, we will just tell them what we know... I'm thinking of installing TFN3K servers and doing the cnn.com and yahoo.com thing again any one in, mail me quick." iDEFENSE has confirmed the existence of TFN3K but has not yet established whether or not ReALiST has the tool or the ability to launch an attack using it. One pro-Palestinian group has deployed a FloodNet type tool and is currently carrying out an attack against the sites of the Bank of Israel, the Tel Aviv Stock Exchange and Israeli government. The "defend" tool, which appears to be the same one used by Pro-Israeli attackers at wizel.com against Pro-Palestinian targets, has been mirrored on sites hosted by angelfire.com, tripod.com and jumpfun.com. One pro-Palestinian protester has called the current actions an "e-Jihad." Another term that has begun to crop up in mainstream fundamentalist bulletin boards and email lists is "cyber jihad." Pro-Israeli attackers have effectively incorporated a disinformation element to their cyber campaign by registering and setting up a series of Web pages very similar in name to actual Hezbollah sites. These imposter sites presented a decidedly pro-Israeli message to the visitor rather than the expected Hezbollah rhetoric. Wrap-Up The impact of the current range of attacks has the ability to effect not only those targeted but also other sites and services which rely on the same connections and bandwidth to access the Internet. In addition, there is an increased risk to high-profile Web sites which may find themselves targeted simply because pro-Palestinian or pro-Israeli attackers may find them a good vehicle through which to promote their cause. Netvision has reported significant difficulties in servicing its customers due to the heavy traffic sent to the targets. Netvision hosts and provides connectivity to 70% of Israel's Internet users. The current series of attacks are expected to continue and intensify as political tensions in the region heighten and support for the cyber element grows among high-profile Muslim extremist groups, many of whom have a very strong presence on the Net. The imitation of attack tactics by either side is expected to continue. Attacks utilized by one against the other are likely to be turned around in a matter of hours depending upon the amount of customization and set-up time required. iDEFENSE is currently compiling a profile of the actors involved, the tools being deployed, target sets, a timeline of events and a number of other aspects about the current conflict. We hope to issue an initial draft of this report in the next 24 hours, and will continue to monitor the conflict for its duration. ------------+------------------------+--------- iALERT delivers daily monitoring and analysis of cyber threats, vulnerabilities, and incidents to iDEFENSE's clients. This e-mail is delivered to journalists covering the information security field. For more information or comment please contact Jerry Irvine at 703.898.8283 <mailto:[EMAIL PROTECTED]> ------------+------------------------+--------- iDEFENSE - The Power of Intelligence Visit the iDEFENSE Web site for additional information: <http://www.idefense.com> Copyright 2000 Infrastructure Defense Inc. (iDEFENSE) ------------+------------------------+--------- ==================?) bb! U, G� brother !) http://www.bugbrother.com mailto:[EMAIL PROTECTED] [: hacktivism :] [: for unsubscribe instructions or list info consult the list FAQ :] [: http://hacktivism.tao.ca/ :] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Exposure to the internet retards psychic acuity. Microprocessors sap and impurify the will, sinking the brain into an electrically charged cesspool of static. Reliance on computers reduces the junkie to a slobbering automaton, dancing on strings held by the Illuminist bolsheviks of Silicon Valley. Dendrites snap...neurons decay...axons are reduced to a thin white gruel, a paste that was once a living mind. http://www.merlin.org http://www.mediachannel.org/views/oped/neo.shtml http://www.ddh.nl/nwd/2000/index-eng.html _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. <A HREF="http://www.ctrl.org/">www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance�not soap-boxing�please! These are sordid matters and 'conspiracy theory'�with its many half-truths, mis- directions and outright frauds�is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://peach.ease.lsoft.com/archives/ctrl.html <A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of [EMAIL PROTECTED]</A> http:[EMAIL PROTECTED]/ <A HREF="http:[EMAIL PROTECTED]/">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om
