People were puzzled to find a strange message when trying to access the Rafik Hariri University Hospital (RHUH) website.
Under the Iranian flag and a Guy Fawkes (Anonymous) mask, the message read:
“Hacked by Iranian Hackers. We are always closer to you, your identity is known to us, your information is for us. Take care. Update your security.”
In the end, the message was ‘proudly’ signed off with the IG account @mrb3hz4d.
The RHUH website has since been restored, but it seems it was only one of many other Lebanese websites targeted by the same hackers.
According to SMEX, a Lebanese NGO, the hacked websites are hosted on the same server managed by Terranet. This server is “outdated and suffers many vulnerabilities,” said SMEX.
These specific hackers are engaged in mass hacking. In January, the FBI mentioned Mrb3hz4d in an alert on Iranian hacker’s defacement techniques.
Mrb3hz4d is part of an Iranian hacking group, Bax 026 of Iran, who infamously hacked into Egypt’s health ministry and proudly retweeted Asharq Al-Awsat’s article about it.
A week ago, the self-proclaimed “Iranian Hackers” hacked into several world university websites, including the University of Maryland.
Recently, Lebanon has become a hub for cyberattacks, internal and external. It appears that these threatening hackers are not too pleased with the courageous determination of the Lebanese people to survive their ongoing hardships and prevail.
Needless to say, the Lebanese are appalled by the aggressive move of attacking a hospital website, let alone the main hospital that has been at the forefront of the pandemic attending to human sufferings.