Issued on: 31/10/2021
Tel Aviv (AFP)
A hacking group calling itself Black Shadow threatened Sunday to reveal personal details of a million users of Israeli's leading LGBTQ dating site, an attack some cyber experts linked to Iran.
"If we have 1 Millions $ in our wallet in the next 48 hours, we will not leak this information and also we will not sell it to anybody," Black Shadow wrote on Telegram.
The Atraf dating site was compromised after Black Shadow hacked CyberServe, an Israeli internet service provider whose clients include public transportation firms, museums and a travel company.
On Saturday, the group dumped tens of thousands of records online from the various sites it had penetrated, including 1,000 user profiles from Atraf.
The leaked records included users' HIV status, sexual orientation and unencrypted passwords.
Ran Shalhavi, CEO of The Aguda -- The Association for LGBTQ Equality in Israel, told AFP his organisation had extended its emergency hotline hours to deal with a flood of worried callers.
"They are exposed, and if they are in the closet, they are exposed to situations they never knew before," he said, adding that the association was working with different groups to "reduce damage".
Libi Oz, a spokeswoman for the government-funded Israel National Cyber Directorate, said her office warned CyberServe "several times" it was vulnerable to attack.
AFP was unable to reach Atraf for comment, and CyberServe did not return AFP's calls.
Cyber intelligence researcher Ohad Zaidenberg said the breach appeared to be linked to a hack of Israeli insurance firm Shirbit last year, also claimed by Black Shadow, as well as an attack in March on Israeli insurance company KLS Capital Ltd.
"Now they are doing something relatively similar," Zaidenberg said.
"We know that attack on Shirbit was Iranian, and therefore we can say, if it's the same attacker and that attack was Iranian, this attack is Iranian."
Keren Elazari, a cybersecurity expert and researcher at Tel Aviv University, agreed that the attack appeared to be Iranian.
"A big part of the hacks we've seen is not about ransom," she said. "It's about embarrassing Israeli companies, embarrassing Israeli citizens."
She said the pandemic had opened new vulnerabilities for Israeli firms, as working from home offered less cybersecurity and has "multiplied the opportunity for attacks".
"CyberServe did not apply necessary procedures to protect itself," she told AFP.
© 2021 AFP
Iranian civil defense chief says US & Israel behind cyberattack that disrupted thousands of gas stations this week
The head of Iran’s Civil Defense Organization, Brigadier General Gholamreza Jalali, compared the recent cyber intrusion to last year’s attack on the Shahid Rajaee terminal near the southern port city of Bandar Abbas on the coast of the Strait of Hormuz, and the hack that disrupted the country’s rail service in July.
Reuters quoted Jalali as saying on Iranian state TV that while he was “still unable to say forensically,” he believed “analytically” the US and Israel were responsible for the attack. The general added that “internal factors” may have been involved as well, and said security services were investigating the matter.
“This attack is similar to cyberattacks on the railways and Shahid Rajaee, and we think it was definitely carried out by the Americans and the Zionists,” Jalali was quoted by IRNA as saying, referring to the Israeli government.
Iran has seen a wave of explosions, fires, and cyberattacks on critical infrastructure since the beginning of last year amid heightened tensions with Washington and Tel Aviv. Iranian officials regularly accuse the US and Israel of carrying out various subversive activities on Iranian soil. American and Israeli officials either deny or do not comment on such claims.
Iranian President Ebrahim Raisi confirmed on Wednesday that a cyberattack had disrupted the work of thousands of gas stations across the country. The intrusion disabled the government-issued smart cards that many drivers use to buy fuel.
Raisi said hackers wanted to make “people angry by creating disorder and disruption.” Jalali told IRNA on Sunday that 60% of the stations resumed work 12 hours after the hack.
Israeli media reported this week that the Black Shadow hacker group had broken into the servers of an Israeli internet hosting company, Cyberserve, bringing down a number of websites, including a data storage company, a transport company, and an LGBT dating service. According to reports, the group, which has targeted Israeli companies in the past, has links to Iran.
No comments:
Post a Comment