(October 31, 2021 / Israel Hayom) An Iranian-affiliated hacker group said on Friday it had hacked the servers of an Israeli web hosting company and threatened to release data on thousands of users.
The group, which calls itself “BlackShadow”, has shut down servers owned by Cyberserve, which provides servers and data storage to companies such as the public news broadcaster Kan in Israel; the Israel Lottery; Birthright; Dan and Kavim public transport companies; the Children’s Museum in Holon; the LGBTQ dating app “Atraf”; the Pegasus travel reservation company; the Israel Children’s Museum; and dozens of others.
BlackShadow first surfaced last year, with a massive breach by Israeli insurance company Shirbit and later KLS Capital. Information on customers of both companies was disclosed in the days following the breach.
“Hello again! We have news for you,” the group said in a Telegram message. “You probably couldn’t log into many sites today. Cyberserve and their customers have been wronged by us.… You have to yourself. ask: what about the data? As always, we have a lot of it. If you don’t want it leaked by us, contact us soon.
While last year’s cyberattack included a clear ransom demand that has increased over time, it’s unclear if hackers plan to follow the same mod this time around.
The fact that the hackers targeted an LGBTQ dating app has caused particular concern among its users, as the hackers have already started to disclose their names.
The Aguda Association for LGBTQ Equality in Israel on Saturday called on the National Directorate of Cyber Security to “act urgently to prevent data leaks,” adding that the disclosure of this personal information is “a danger to [the users’] mental health, ”according to Israeli media.
The BlackShadow hackers leaked information to Kavim on Saturday. The bus company issued a statement saying the company was aware of the violation and alerted the Ministry of Transport and the National Directorate of Cyber Security, and “also hired outside professionals in the field to conduct a full investigation, professional and independent on the incident ”.
The National Directorate of Cyber Security said on Saturday it had “warned Cyberserve several times” over the past year that it was vulnerable to such attacks.
He further advised Israelis whose personal data has been compromised to change their passwords, enable two-factor authentication and remain vigilant of suspicious emails and messages.
This article first appeared in Israel Hayom.