The US army's website for the Military District of Washington was defaced by attackers said by some to be from Turkey, while the NATO Parliamentary web site was also hit. The MDW web site was down at the time of writing, but Google's cached search showed the defaced page.
These high-profile attacks were part of an ongoing campaign of defacements. Thousands of pro-Israeli groups were said to have been hacked by pro-Hamas Muslim teams in a bid to spread their own messages.
The cyber-activity was not limited to site defacements. Help-Israel-Win, a group of students determined to help Israel by attacking site sympathetic to Hamas online, was formed late last month, and has now issued a Windows client that it says can be used to co-ordinate distributed denial of service attacks on Hamas.
The students, committed to "stopping our enemies destroying the state of Israel," have named the tool 'Patriot'. When willingly downloaded and installed by a user, it is designed to flood pro-Palestinian websites like qudsnews.net and palestine-info.info with traffic.
However, some security researchers expressed concern over the power that the tool might have over client-side computers. SANS Institute examined the program, which it said was obfuscated to cloak its activities. The organization found that the machine connected to one of several hard-coded command and control channels using a legitimate IRC client.
"While at the moment it does not appear to do anything bad (it just connects to the IRC server and sites there - there also appeared to be around 1 000 machines running this when I tested this) the owner can probably do whatever he wants with machines running this," said SANS researcher Bojan Zdrnja in a blog post about the tool. Patriot also downloads a remote file and saves it locally as TmpUpdateFile.exe. It "certainly sounds fishy," mused Zdrnja.
A couple of botnets had been co-opted to launch attacks on Israeli site, according to networking company Arbor Networks.
"We’re seeing no major upticks in measured traffic to IL or PS prefixes and ASNs, but we are seeing a couple of botnets pound away on IL targets," said the company's Jose Nazario in a blog post.