A mysterious hacker group said Tuesday that it had executed a successful cyberattack against Lebanese terror group Hezbollah's financial wing, Al-Qard al-Hassan, which includes a functioning banking system.
According to the Lebanese newspaper The Daily Star, the group known as “SpiderZ”, already leaked passport photos, details on customers and senior executives, as well as security camera footage from inside the bank, all allegedly gathered during the attack.
The group itself said it managed to gather vast amounts of data from the bank’s servers which it plans to release to the public and the information leaked so far is only a “taste” of what's to come.
The bank's management confirmed the attack, which they said targeted its branches in Lebanon as well as in the United Arab Emirates, though the hackers did not manage to access any bank accounts.
The leaked data, however, includes lists of the bank's customers, account numbers, financial and private reports of more than 100,000 depositors and 200,000 borrowers, as well as the names of several other banks that cooperate with Hezbollah, including JTB Bank, the Lebanese-Canadian Bank, the Lebanese-Swiss Bank, the Societe-Generale Bank, the Bank of Kuwait and the Arab World.
Shortly after the attack, SpiderZ published a video, where they claimed the bank allows senior Hezbollah members to dip their toes into the finances of its customers.
"The secret has been revealed. [Al-Qard al-Hassan] does not work to protect the public. If you have a debt with them, do not pay it. Stop allowing them to steal your finances and withdraw them from the bank before they become nothing more than ink on paper,” said the group in the video.
Some speculated the hack was an Israeli retaliation for the recent cyber attack on the Israel's insurance company Shirbit as well as the attempted cyber infiltration of the country's major defense industries, both believed to have been orchestrated by Iran.
However, the choice to harm a bank recently sanctioned by the U.S. for allegedly transferring funds to terrorist organizations, may indicate the attack was actually carried out by American bodies.
The financial intelligence organization Double Cheque - which works against the financing of global terrorism - warned that customers who choose to continue working with Al-Qard al-Hassan risk losing their money.
“The full details of Al-Qard al-Hasssan clients, who deposited or borrowed money, were leaked. This means it is no longer secret, and can't be used as a covert financial shelter through which money are concealed from the authorities in Lebanon, including the banks, tax authorities and enforcement elements in the country,” wrote the organization.
“The felonies carried out by the depositors using the "secrecy" the bank provides to its members, such as tax evasion and money laundering, are now exposed to the enforcement authorities in Lebanon and the international enforcement agencies," it said. "If your name or details appear on the leaked documents, you will be investigated by enforcement authorities in Lebanon or other countries.”