The Israeli hosting provider Cyberserve has been hacked by the BlackShadow - an Iranian state-sponsored hacking organization to acquire client records and impair the company's services.
Cyberserve is a web development and hosting company headquartered in Israel that is employed by a variety of organizations, including local radio stations, museums, and educational establishments.
Beginning on Friday 29th of October, users seeking to access the website hosted by Cyberserve were faced with website problems and notifications indicating that the site was unreachable due to some kind of cybersecurity problem.
A hacker organization known as BlackShadow claimed credit for the Cyberserve assault and is extorting the hosting firm as well as its users for $1 million in bitcoin in exchange for not leaking stolen data.
The extortion demand had a 48-hour deadline beginning on Saturday 30th of October, but the hackers almost instantly disclosed a sample of 1,000 documents to establish their point.
A database holding the personally identifiable information of a big LGBT site called 'Atraf' was stolen as part of the data breach, making the security event highly serious. Putting LGBT individuals in traditional communities at-risk places them in a situation of danger, both physically and mentally.
"Atraf's team did not contact us for any deals yet so we collected 50 famous Israeli that were surfing and we leak their video's," threatened the hacking group on Telegram.
A number of websites hosted by CyberServe, including Atraf, are offline, suggesting that the firm is still addressing the attack.
This assault has also impacted the following websites:
- The Kavim (Dan Bus) public transportation firm.
- The Kan public broadcaster.
- The Pegasus travel agency.
- The Holon Children's Museum.
BlackShadow is an Iranian state-sponsored hacker outfit with verified ties to the Pay2Key ransomware strain, that has been used against Israeli targets on many occasions. In contrast to traditional ransomware assaults, the threat actors driving BlackShadow are not thought to be monetarily motivated.
According to Omri Segev Moyal, co-founder and CEO of Israeli cybersecurity firm Profero, these hacker organizations' activities are retaliatory and intended to undermine Israeli interests.
"The recent attacks from the so-called 'BlackShadow' are just another cycle of the clandestine Iran-Israeli war. It’s a well-constructed InfoOp combined with very weak hacking skills to hurt Israel. We assume the current cycle is also in retaliation for the attack against the gas pumps in Iran last week." - Omri Segev Moyal.
