The start of March 2019 saw various Israeli government websites hacked, each displaying the following defacement page:
The attack was carried out from modifying a DNS record for a script used by many websites for (WCAG) 2.0 Standard compliance. Visitors to websites using this script were in turn met with malicious code rather than the legitimate website they wanted to see.
It is reported that behind the defacement page was ransomware, however the ransomware was not made active as the hackers made a mistake in not a simple and obvious variable into their malicious code which would have seen windows users taken to a false update page for adobe, installing flashplayer_install.exe
which is really JCry ransomware disguised as flashplayer update.