Hamas launches email assault

Using stolen address databases or ready-made scripts, ‘hacktivists’ have been trying to intimidate Israelis through their inboxes

A message from Hamas (Photo credit: Guy Mizrahi)
A message from Hamas (Photo credit: Guy Mizrahi)

Thousands of Israelis have received email threats in the past several days since the beginning of Operation Pillar of Defense in the Gaza Strip, ostensibly from Hamas.

The messages, usually in mistake-laden Hebrew, promise all sorts of death and destruction against Israelis, from Fajr rocket assaults on Tel Aviv to terror bombings of cafes to kidnappings of IDF soldiers and Israeli civilians. The emails are sent out in Hebrew, English and/or Arabic, and sport a variety of return addresses, such as “Fajr-5,” “i.am.hitler,” and “youth of islam.”

Typical of the messages is one received by Sol Tzvi, CEO of the website Genieo.com. “Al Quds Brigades, our rockets will kill you wherever you are. You are cowards,” said the message in Hebrew, sent from an Egyptian email address, with the name of the sender “Fajr-5” written in Hebrew letters. Other messages said Hamas “would strike Israelis with an iron hand while they sleep,” “God has put terror into the hearts of Zionists,” and the like.

Speaking to The Times of Israel, Tzvi said that she found the message in her Gmail inbox — an address that she uses for communications with site users and others. “My address is out there on a number of sites, so it could be they got it from there or elsewhere.”

But not all the targeted addresses are publicly available, said blogger Guy Mizrahi, an expert on computer security issues. Dozens of people have contacted him on his security blog over the past several days complaining about the messages, and some have told him that the targeted address was not published on the web. But that’s not surprising, Mizrahi said. “There have been numerous break-ins by cyber thieves into databases recently, and it could be that pro-Hamas hacktivists either bought or otherwise got access to the addresses.”

Some of those addresses, for example, could have come from a recent mass break-in into an Israeli server, in which 15,000 Israeli credit card accounts were allegedly swiped by Iranian hackers. The accounts were quickly deactivated and no customers suffered financial losses, but the email addresses may still be valid, said Mizrahi. In addition, the hackers could be using ready-made scripts to sweep the Internet, gathering up email addresses from websites in Israeli-domain addresses (.co.il, etc.).

Mizrahi said that the senders of these messages should not be patting themselves on their backs for their alleged cyber-skills. “Anybody can buy a database of addresses and set up a mailing list,” he said. “And they don’t even have to write scripts to gather email addresses. Those scripts were already written and can be downloaded.”

That Hamas hackers found a ready-made program to parse the Web looking for email addresses doesn’t make them hacking pros — just copycats, he added.

Most Popular
read more: