Date of Incident: 2024/12/09 (Zone-H Server Time)
A high-profile hacking incident has come to light after several Israeli domains were defaced by a hacker operating under the pseudonym “the key40”, who identifies as being from Algeria. The attack, which occurred on December 9, 2024, appears to be politically motivated, with messages left by the hacker highlighting support for Palestine and condemning Zionism.
Incident Summary
The attacker targeted an Israeli server operating on IP: 185.232.14.105. While specifics about the server’s setup remain unclear, it was confirmed to run a Linux-based system. The hacker managed to breach and deface multiple websites hosted on the server, replacing their content with a politically charged message.
Hacked Domains
The following websites were confirmed to have been compromised:
- https://dizzo.co.il
- https://fooder.co.il
- https://devices.co.il
- https://cary.co.il
- https://yourlaw.co.il
- https://www.lawlaw.co.il
- https://eiruim.com
Defacement Message
Each hacked page displayed the following message, attributed to “the key40”:
DEFACED BY THE KEY40 FROM ALGERIA
PALESTINE WILL BE FREE INSHALLAH TODAY OR TOMORROW IT´S THE PROMISE OF ALLAH AND WE BELIEVE IN IT
DESPITE THE ATOMIC ARSENAL , AMERICAN ARMAMENTS , AND BILLIONS FLOWING FROM ZIONISM CENTERS , THE ZIONIST PIGS DREAMS OF THE IMPOSSIBLE , AND EVEN IF YOU DOMINATE THE EARTH, YOU WON’T BE ABLE TO DOMINATE THE PEOPLE , AND IF YOU KILL A MAN , TEN WILL BE BORN TO REVENGE FOR HIM.
YOUR ARE ONLY A GROUP OF COWARDS ,HIDING BEHIND TANKS DRONE AND MASSIVE ARMAMENT TO KILL BABYS AND SHOOTING HOSPITALS.
The message reflects a strong ideological stance against Israel, with an emphasis on solidarity with Palestine.
Attribution
The hacker, “the key40,” has previously been associated with politically motivated cyberattacks. Their signature style includes leaving prominent pro-Palestinian messages and targeting domains in regions tied to geopolitical conflicts.
Technical Details
- Target IP: 185.232.14.105
- Operating System: Linux
- Web Server: Unknown
- Location of Server: Israel
It is unknown how the hacker gained access, but such attacks often exploit vulnerabilities in unpatched software, weak authentication protocols, or misconfigurations.
The attack was first recorded on December 9, 2024, based on timestamps reported by Zone-H, a website that tracks web defacements globally.
The incident not only disrupted the targeted websites but also raises questions about the security posture of the affected organizations. While the primary aim appears to be the dissemination of a political message, such attacks could also lead to broader data breaches, reputational damage, or operational disruptions.
This incident highlights the increasing role of cyberattacks as a tool for ideological expression and political dissent. Organizations in politically sensitive regions remain at heightened risk and must prioritize robust cybersecurity measures to defend against such threats.