Pro-Palestinian hackers say they breached dozens of Israeli entities amid the ongoing war in Gaza, which has also extended into cyberspace.
A group calling itself Cyber Toufan said it launched an operation against Israel at the end of November, promising to publish leaked information from hacked websites every day throughout the month.
Cybersecurity researchers said that in many cases, the data appears to be real.
The list included not only Israeli companies but also foreign firms doing business with the country such as SpaceX, Toyota and IKEA. The hackers weren't too selective in picking their targets; they claim to have attacked cybersecurity firms, government agencies, as well as e-commerce platforms, manufacturing companies, schools, colleges, and even a swimming pool cleaner company.
According to Beaumont, the group has started emailing customers of cybersecurity companies, asking them to boycott various vendors that operate in Israel.
Some of the cyber companies contacted by Recorded Future News have not yet responded to the requests for comment.
Beaumont mentioned that about a third of the companies targeted by Cyber Toufan still haven't recovered after being wiped.
Cyber Toufan dismissed the claim that all the leaks are connected to the Signature-IT hack.
Check Point called Cyber Toufan an Iranian threat actor.
After the October 7th attacks by the Palestinian militant group Hamas, the ongoing war has also led to an escalation in cyberspace, with various hacktivists and nation-state hackers taking sides in the conflict.
Hacktivists are using tactics similar to what was seen at the beginning of the Ukraine-Russia war: leaking stolen documents and launching distributed denial-of-service and defacement attacks on government websites, media outlets, and critical infrastructure.
In December, for example, a cyberattack disrupted the operation of gas stations throughout Iran, an ally of Hamas.
Iranian authorities attributed the attack to Israel and the U.S. Many groups involved in the cyberwar with Israel are affiliated with Iran.
Among them are CyberAv3ngers and Cyber Toufan, according to Check Point.
Their operations often involve claims of retaliation against U.S. entities for using Israeli technology, reflecting a strategy of dual retaliation, the company said in a recent report.
Cyber Toufan often changes tactics depending on what's happening on the battlefield, Check Point told Recorded Future News.
They halted the leaks during a recent cease-fire.
According to Check Point, Google has blocked the hackers' Telegram channel where they publish leaks, but it is still visible on Apple devices.
New malware found in analysis of Russian hacks on Ukraine, Poland.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine.
This Cyber News was published on therecord.media. Publication date: Mon, 01 Jan 2024 21:29:04 +0000