Cyber Warfare – Israel Under Attack 

In the past few months, Israel has been facing targeted attacks from different hacker groups. While some threat actors target big organizations in Israel and direct ransomware attacks at them, others are hacking websites and defacing them for spreading anti-Israel messages.  

Defacement Attacks Against Israeli Websites 

The hacker group ‘Hackers of Saviour’ has been continuously hacking Israeli websites and posting anti-Israel messages on the Homepages of the websites. We saw the same incident in the past, when the same hacking group defaced close to 2,000 Israeli websites in May 2020. 

Publishing Hacked data on Cybercrime forums 

On May 1, 2021, the hacker group has created a handle with the name “HackersOfSaviour” on a popular cybercrime forum.  

Figure 2 Profile of hacker Group 

Fig 3 showcases a post by the hacker group allegedly claiming to have confidential Israeli bank data.  

Figure 3 Post by the Group 

The hacker group also shared a Sample showing details of Israeli people. The data set has fields like the first name, last name, email address, phone number, Card number, Month and Year of card expiry, CVV, City Name, etc. 

In Fig 4, we can see a snippet of the sample shared by the hacking group. 

Figure 4 Sample shared by the group 

The Hackers of Saviour group also made claims to have hacked Israeli government websites and accessed data related to the identity of millions of Israeli citizens.  

Figure 5 Israeli citizens identity 

In addition to Hackers of Saviour, another hacking group has been attacking Israel-based organizations using a ransomware named N3tw0rm. So far, the ransomware has hacked three big organizations of Israel and published their data on their websites, as seen in fig 6. 

Figure 6 Ransomware attack on Israeli organizations 

Cyble is continuously monitoring for these kinds of cyberattacks using its Darkweb and cybercrime monitoring capabilities to inform clients of such threats before they can take place.Page Break 

Our Recommendations:  

  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.   
  • Always check for proper input sanitization which may cause xss, or Sql injection vulnerability.  
  • People concerned about their exposure in the Dark web can register at AmiBreached.com to ascertain their exposure. 
  • Give Admin privileges to only trusted and audited applications.   

About Cyble:  

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com.   

Leave a Comment

Your email address will not be published.

%d bloggers like this: