New suspect in Qatargate case, Maj.-Gen. (res.) Poli Mordechai, brought in for questioning
IDF Maj.-Gen. (res.) Yoav "Poli" Mordechai was questioned in connection with the "Qatargate" case, Channel 13 News reported on Wednesday.
Mordechai was questioned on suspicion of contact with a foreign agent and accepting bribes.
He is also suspected of transferring hundreds of thousands of shekels from his business to Yonatan Urich, the main suspect in the case, throughout 2024 for a campaign in support of Qatar.
Maj.-Gen. (res.) Mordechai retired from the IDF in 2018 after serving as the coordinator of government activities in the territories and the IDF spokesperson.
He has also played a key role in hostage affairs during the Israel-Hamas War.
He was first summoned to provide open testimony about two months ago, Channel 13 reported.
Mordechai's Company, NOVARD, stated that he had not had any activity with the business since October 7.
'Novard has been working for years with various countries in Asia, Africa, and the Middle East in an official, public, and entirely legal manner. Since October 7, Poli Mordechai has been enlisted for reserve duty to promote the return of hostages. He is not involved in any business activity, and there is a complete separation between Novard's operations in the Middle East and him.'
His business partner in NOVARD was also questioned at Lahav 433 out of caution. Jay Footlik, a US-based Qatari lobbyist, will be openly questioned on Saturday.
The "Qatargate" investigation began in February 2025, when Attorney-General Gali Baharav Miara ordered the Israel Police and the Shin Bet to launch a formal investigation into individuals in the Prime Minister's Office for their ties to Doha.
Footlik notably requested that Israeli businessman Gil Birger assist him in transferring funds to Eli Feldstein, a member of Netanyahu's media team.
Feldstein has been accused of accepting bribes from Qatar, leaking classified documents that harmed the war effort, and reducing the chances of a successful hostage deal. He has also been indicted for endangering national security.
Urich has been accused of feeding Israeli journalists information, through Feldstein, cited as being from intelligence sources, when it really originated in Qatar.
Supposedly, the goal was to boost Qatar's image in the Gaza hostage and ceasefire negotiations, while belittling that of Egypt's as the other mediator. Qatar has denied any such initiative.
Sarah Ben-Nun contributed to this report.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
WIRED
18 minutes ago
- WIRED
How China's Patriotic ‘Honkers' Became the Nation's Elite Cyber Spies
Jul 18, 2025 11:28 AM A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus. Photo-illustration: Jacqui VanLiew; Getty Images In the summer of 2005, Tan Dailin was a 20-year-old grad student at Sichuan University of Science and Engineering when he came to the attention of the People's Liberation Army of China. Tan was part of a burgeoning hacker community known as the Honkers—teens and twenty-somethings in late-90s and early-00s China who formed groups like the Green Army and Evil Octal, and launched patriotic cyberattacks against western targets they deemed disrespectful to China. The attacks were low-sophistication—mostly web site defacements and denial-of-service operations targeting entities in the US, Taiwan, and Japan—but the Honkers advanced their skills over time, and Tan documented his escapades in blog posts. After publishing about hacking targets in Japan, the PLA came calling. Tan and his university friends were encouraged to participate in a PLA-affiliated hacking contest and won first place. The PLA invited them to an intense, month-long hacker training camp, and within weeks Tan and his friends were building hacking tools, studying network infiltration techniques, and conducting simulated attacks. The subsequent timeline of events is unclear, but Tan, who went by the hacker handles Wicked Rose and Withered Rose, then launched his own hacking group—the Network Crack Program Hacker (NCPH). The group quickly gained notoriety for winning hacking contests and developing hacking tools. They created the GinWui rootkit, one of China's first homegrown remote-access backdoors and then, experts believe, used it and dozens of zero-day exploits they wrote in a series of 'unprecedented' hacks against US companies and government entities over the spring and summer of 2006. They did this on behalf of the PLA, according to Adam Kozy, who tracked Tan and other Chinese hackers for years as a former FBI analyst who now heads the SinaCyber consulting firm, focused on China. Tan revealed online at the time that he and his team were being paid about $250 a month for their hacking, though he didn't say who paid or what they hacked. The pay increased to $1,000 a month after their summer hacking spree, according to a 2007 report by former threat intelligence firm VeriSign iDefense. At some point, Tan switched teams and began contracting for the Ministry of State Security (MSS), China's civilian intelligence agency, as part of its notorious hacking group known as APT 41. And in 2020, when Tan was 36, the US Justice Department announced indictments against him and other alleged APT 41 members for hacking more than 100 targets, including US government systems, healthcare organizations, and telecoms. Tan's path to APT 41 isn't unique. He's just one of many former Honkers who began their careers as self-directed patriotic hackers before being absorbed by the state into its massive spying apparatus. Not a lot has been written about the Honkers and their critical role in China's APT operations, outside of congressional testimony Kozy gave in 2022. But a new report, published this month by Eugenio Benincasa, senior cyber defense researcher at the Center for Security Studies at ETH Zürich university in Switzerland, expands on Kozy's work to track the Honkers' early days and how this group of skilled youths became some of China's most prolific cyber spies. 'This is not just about [Honkers] creating a hacker culture that was implicitly aligned with national security goals,' Benincasa says, 'but also the personal relations they created [that] we still see reflected in the APTs today.' Early Days The Honker community largely began when China joined the internet in 1994, and a network connecting universities and research centers across the country for knowledge-sharing put Chinese students online before the rest of the country. Like US hackers, the Honkers were self-taught tech enthusiasts who flocked to electronic bulletin boards (dial-up forums) to share programming and computer hacking tips. They soon formed groups like Xfocus, China Eagle Union, and The Honker Union of China, and came to be known as Red Hackers or Honkers, a name derived from the Mandarin word 'hong,' for red, and 'heike,' for dark visitor—the Chinese term for hacker. The groups were self-governing with loosely formed hierarchies and even had codes of ethics shaped by influential members like Taiwanese hacker Lin Zhenglong (known by his handle 'coolfire'). Lin believed hacking skills should be cultivated only to strengthen cyber defenses— to learn the ways of hackers in order to thwart them—and wrote an influential hacking manual 'to raise awareness about the importance of computer security, not to teach people how to crack passwords.' There were no simulated environments for hackers to build their skills at the time, so Honkers often resorted to hacking real networks. Lin didn't oppose this—hacking wasn't illegal in China except against government, defense, or scientific research networks—but he published a set of ethical guidelines advising hackers to avoid government systems or causing permanent damage and to restore systems to their original condition after Honkers finished hacking them. But these guidelines soon fell away, following a series of incidents involving foreign affronts to China. In 1998, a wave of violence in Indonesia broke out against ethnic Chinese there, and outraged Honker groups responded with coordinated website defacements and denial of service attacks against Indonesian government targets. The next year, after Taiwanese president Lee Teng-hui announced his 'Two-States Theory' challenging the Communist Party's "One China" doctrine, the Honkers defaced Taiwanese government sites with patriotic messages asserting the existence of a unified China. In 2000, after participants at a conference in Japan denied facts around the Nanjing Massacre, in which an estimated 300,000 Chinese were killed during Japan's 1930's occupation of the city, Honkers circulated a list of more than 300 Japanese government and corporate sites, along with email addresses of Japanese officials, and prompted members to target them. The so-called patriotic cyberwars gave the Honkers a common cause that forged an identity unique from western hacking groups, which the Honkers had emulated until then. Where western hackers were primarily motivated by curiosity, intellectual challenge, and bragging rights, the Honkers bonded over their common cause to help China 'rise up.' In the words of a China Eagle Union pledge, the Honkers vowed 'to put the interests of the Chinese nation above everything else.' The patriotic wars put China's Honkers on the map and inspired more to join them. Honker Union swelled to an estimated 80,000 members, Green Army to 3,000. Most were just enthusiasts and adventure seekers, but a subset stood out for leadership and hacking skills. A particularly influential group among these, whom Benincasa calls the Red 40, would go on to found or join many of China's top cybersecurity and tech firms and become integral to the state's cyberspy machine. There's no evidence that the government directed the patriotic hacking operations, says Benincasa, but their activity aligned with state interests, and they drew government attention. A retired PLA rear admiral and former professor at the PLA National Defense University praised their patriotism. The public also appeared to support it. A report claimed that 84 percent of internet users in China favored the patriotic hacking. But in April 2001, this began to change after a Chinese fighter jet clipped a US reconnaissance plane mid-air off the coast of Hainan and sparked an international incident. The collision killed the Chinese pilot and forced the US plane to land on Hainan, where the Chinese military seized the aircraft and held the crew for more than a week. The incident stoked nationalist sentiments among US and Chinese hackers alike, and both sides lobbed cyberattacks against the other country's systems. The Chinese government grew concerned over its lack of control of the Honkers and feared they could become a liability and escalate tensions. The Chinese Communist Party's official newspaper likened the hacking to "web terrorism,' and the head of the Internet Society of China issued a statement through China's official state media condemning it as well. The retired PLA rear admiral who previously praised the groups now warned they were a threat to international relations. The Honkers got the message, but with their patriotic mission shelved, the groups now became less cohesive. There were leadership clashes and disagreements over direction and priorities—some wanted to turn professional and launch cybersecurity companies to defend China's systems against attack, others wanted to go rogue and sell malicious tools. The former left to join tech firms like Baidu, Alibaba, and Huawei or cybersecurity firms like Venustech and Topsec. Some became entrepreneurs and launched their own security firms, like NSFocus and Knownsec, which became leaders in vulnerability research and threat intelligence. Some, however, shifted to cybercrime. And others, like Tan, became contract hackers for the PLA and MSS, or founded firms that served these operations. Honker Recruitment According to Benincasa, the PLA and MSS began hiring Honkers around 2003, but the recruitment became more structured and earnest following the 2006 hackings attributed to NCPH and Tan. The recruitment expanded during and after the 2008 Beijing Olympics, and was likely helped in 2009 with the passage of China's Criminal Law Amendment VII, which criminalized unauthorized intrusions into any network as well as the distribution of hacking tools. Hacker forums began to shutter, and some Honkers got arrested. Word spread that Tan was among them. According to Kozy, Tan faced seven and a half years in prison, though it's unclear if he served any time. Kozy believes he cut a deal and began work for the MSS. In 2011, it appears he launched an antivirus firm named Anvisoft, which may have served as a front for his MSS work. Former Honkers Zeng Xiaoyong (envymask) and Zhou Shuai (coldface) also became contractors for the PLA and MSS and worked on operations conducted by APT 41, APT 17, and APT 27, according to Benicassa. Some worked through shell companies, others worked through legitimate firms who acted as intermediaries to the intelligence services. Topsec and Venustech were two firms alleged to have assisted these efforts. Topsec employed a number of former Honkers, including the founder of the Honker Union of China, and Topsec's founder once acknowledged in an interview that the PLA directed his company. In 2015, Topsec was linked to state-sponsored cyber operations, including the Anthem Insurance breach in the US. Over the years, many tools used by China APT groups were built by Honkers, and the PLA and MSS mined them for vulnerability research and exploit development. In 1999, Huang Xin (glacier), a member of Green Army, released 'Glacier,' a remote-access trojan. The next year, he and Yang Yong (coolc) from XFocus released X-Scan, a tool to scan networks for vulnerabilities that is still used by hackers in China today. In 2003, two members of Honker Union released HTRAN, a tool to hide an attacker's location by rerouting their traffic through proxy computers, which has been used by China's APTs. Tan and fellow NCPH member Zhou Jibing (whg) are believed to have created the PlugX backdoor in 2008, which has been used by more than 10 Chinese APTs. According to Benincasa, Zhou developed it even further to produce ShadowPad, which has been used by APT 41 and others. Over the years, leaks and US indictments against former Honkers have exposed their alleged post-Honker spy careers, as well as China's use of for-profit firms for state hacking operations. The latter include i-Soon and Integrity Tech, both launched by former Honkers. Wu Haibo (shutdown), formerly of Green Army and 0x557, launched i-Soon in 2010. And last year, someone leaked internal i-Soon files and chat logs, exposing the company's espionage work on behalf of the MSS and MPS. In March this year, eight i-Soon employees and two MPS officers were indicted by the US for hacking operations that targeted US government agencies, Asian foreign ministries, dissidents, and media outlets. Integrity Tech, founded in 2010 by former Green Army member Cai Jingjing (cbird), was sanctioned by the US this year over ties to global infrastructure hacks. This year, the US also indicted former Green Army members Zhou and Wu for conducting state hacking operations and sanctioned Zhou over links to APT 27. In addition to engaging in state-sponsored hacking, he allegedly also ran a data-leak service selling some of the stolen data to customers, including intelligence agencies. This isn't unlike early-generation US hackers who also transitioned to become cybersecurity company founders, and also got recruited by the National Security Agency and Central Intelligence Agency or hired by contractors to perform hacking operations for US operations. But unlike the US, China's whole-of-society intelligence authorities have compelled some Chinese citizens and companies to collaborate with the state in conducting espionage, Kozy notes. 'I think that China from the beginning just thought, 'We can co-opt [the Honkers] for state interests.'' Kozy says. 'And … because a lot of these young guys had patriotic leanings to begin with, they were kind of pressed into service by saying, 'Hey you're going to be doing a lot of really good things for the country.' Also, many of them started to realize they could get rich doing it.'
Yahoo
an hour ago
- Yahoo
Gazans protest soaring costs and worsening hunger crisis
STORY: ::Palestinians in Gaza protest soaring costs and a worsening hunger crisis amid the Israel-Hamas war ::July 18, 2025 ::Gaza City, Gaza "Find a solution. We're exhausted, we're tired. We spend days and weeks waking up and sleeping hungry. It's enough. All of them are hungry. All of them here are hungry and want to eat." "My family and I are displaced from Beit Hanoun. What wrong did I do? You go and get flour for free and sell it to us for 160, 120 shekels. Who gave you the right? It's not right that a kilogram of lentils, worth 1 shekel, is sold for 40. Our message to the merchants is clear. We are not against the resistance or anyone." On Monday, UNICEF said that more than 5,800 children were diagnosed with malnutrition in Gaza last month, including more than 1,000 children with severe, acute malnutrition. It said it was an increase for the fourth month in a row. On May 19, Israel lifted an 11-week aid blockade on Gaza, allowing limited U.N. deliveries to resume. However, UNRWA continues to be banned from bringing aid into the enclave. Israeli and Hamas negotiators have been taking part in the latest round of ceasefire talks in Doha since July 6, discussing a U.S.-backed proposal for a 60-day ceasefire.
Fox News
an hour ago
- Fox News
Pro-Israel congressman accuses Tel Aviv of ‘mocking' Trump with ‘suicidal' strikes in Syria
Print Close By Morgan Phillips Published July 18, 2025 EXCLUSIVE: In a rare public rebuke of Israeli military action, Rep. Joe Wilson, R‑S.C., issued a harsh warning that recent airstrikes on Syria are "suicidal" for Tel Aviv. "I'm the co‑chair of the Israel caucus and a lifelong supporter of the State of Israel," Wilson told Fox News Digital in an emotional phone call, "I am heartsick." He said the strikes on Syria's military headquarters were "insulting and mocking to President [Donald] Trump," who just recently lifted sanctions on Syria after meeting with leader Ahmed al-Sharaa to give Damascus a "chance" at economic prosperity after the fall of Bashar al-Assad. Wilson said he had a tense phone call with Ambassador Yechiel Leiter, urging him to share his warning back home that Israel must stop the strikes. RUBIO SAYS ISRAEL STRIKE ON SYRIAN MILITARY HEADQUARTERS 'LIKELY A MISUNDERSTANDING' Only weeks ago, there were back-channel talks between Israel and Syria on a possible normalization deal. Now, not only are those talks out the window, but the strikes will complicate work on a U.S.-brokered Abraham Accords-style deal to normalize relations between Israel and Saudi Arabia, Wilson said. "It's so sad to me, it's so detrimental." He warned that fractures in Syria could ripple across the region — undermining emerging ties between Israel and Saudi Arabia, straining NATO relations with Turkey, fracturing Druze unity in Jordan and increasing instability among Kurdish populations across Syria, Iraq, Turkey and Iran. He added that such fragmentation would open the door for an ISIS resurgence, targeting Israel first. Wilson also pointed to broader geopolitical consequences, noting the strikes empower Iran and bolster Russia's presence in Syria. "Efforts should be made to expel [Vladimir Putin's forces], not to create destabilization," he said, asserting that Moscow uses its Syrian bases to project naval power across Africa and the Mediterranean. "What is being done is actually beneficial to Iran. The more destabilization, the greater opportunity Iran has to destabilize other countries, whether it be further destabilization of Iraq, and then also it plays into the hands of war criminal Putin." This week, Israel's national security minister Ben Gvir said Israel must "eliminate" al-Sharaa. On Thursday, Israeli Defense Minister Israel Katz said the nation struck to defend Druze minority communities in Syria, fearing the Syrian leadership would soon strike Israelis. "I did not trust Assad the father, nor Assad the son, and I certainly do not trust a leader like Julani," he said, referring to al-Sharaa by his former name. ISRAEL-IRAN WAR DIVIDES DEMOCRATS, BUT TRUMP'S DIPLOMACY ALSO SPLITTING REPUBLICANS He claimed al-Sharaa "relies on jihadist groups that he operates against minorities in Syria, and tomorrow he will operate them against Israeli communities in the Golan Heights. "The moment we understood that the Syrian regime was behind the attacks and a partner in the massacre of the Druze — we acted against them with full force." The Druze community also has a sizable population in Israel. Wilson called the assertion "totally contrived and misunderstood." "It's so sad to me that they're taking the eye off the enemy. The enemy is Khamenei and the enemy is the head of the snake. It is not Damascus. The head of the snake is Tehran." "They're opening the door for Tehran to rebuild Hamas to rebuild Hezbollah, to replenish and they already have the Houthis. So, it's just crazy. And again, it's suicidal. If you can't figure out who your enemy is, then you're opening the door for massive loss of life within Israel itself." Syria's leader accused Israel of sowing discord by striking in defense of the Druze, who were involved in deadly sectarian clashes that threaten the nation's fragile unity. Washington is also intensifying pressure for de-escalation. CLICK HERE TO GET THE FOX NEWS APP The Trump administration has formally urged Israel to halt its strikes and pursue direct talks with Damascus. Special U.S. envoy Tom Barrack reportedly made several calls to Prime Minister Netanyahu's adviser, Ron Dermer, pressing for restraint. Secretary of State Marco Rubio described the strikes as a "troubling and horrifying situation," adding that the U.S. is "very concerned" and wants the fighting to stop. The Israeli defense ministry could not be reached for comment. Print Close URL
