Hackers broke into a computer of Israeli defence ministry using an email attachment containing malicious software pretending it had been sent by the country’s Shin Bet security service.
According to computer security company Seculert, the hackers temporarily took over about 15 computers earlier this month and remained in control of them for at least several days. The infected email attachment used to gain control over the machines pretended to contain information about the recently deceased Israeli ex-prime minister Ariel Sharon.
One of the hacked computers was being used to monitor Palestinian movements in the Israeli-occupied territory. The security company suggested Palestinians might have been responsible for the attack.
Aviv Raff, chief technology officer at Seculert, said the current attack resembled an incident that took place about a year ago when hackers from the Hamas-controlled Gaza region attacked Israeli computers.
Despite the current attack having been conducted from American soil, the experts detected similarities in writing and composition.
Israeli and Palestinian officials refused to comment.
Securlet has revealed the hackers used the Xtreme Rat software to infect the computer. This remote access Trojan horse gives hackers complete control over the infected machines, enabling them to steal information, load further malicious software to the network through the computer or use the compromised computer as a beachhead from which to conduct reconnaissance and attempt to gain deeper access into the network.
"All we know is at least one computer at the Civil Administration was in control of the attackers; what they did we don't know," Aviv Raff said.
Securlet managed to identify the infected computers by tricking the Xtreme RAT software into communicating with the company’s servers.
The other 14 computers targeted in the attack were not identified. However, some sources suggested those might have belonged to companies involved in supplying Israeli defence infrastructure.
Hacking activity has surged in the Middle East over the past three years as both governments and activist groups have targeted the military, other state agencies, critical infrastructure and businesses as well as dissidents and criminal groups in order to gain information about their operations and also disrupt them.