Black Shadow leaks more data after deadline passes


Black Shadow threatened to more data leak he got the gay dating app Atraf’s database hacked in its attack on Israeli internet company Cyberserve, after a 48-hour deadline it set to respond to its request for $ 1 million dollars exceeded Tuesday.

“48 hours over! Nobody sends us money. They try to chat with us, we will show you our chats. The data will be uploaded soon. his Telegram channel.

In its latest attack on an Israeli company, Black Shadow leaked data from a number of companies served by Cyberserve, including Atraf, bus companies Kavim and Dan, and travel reservation company Pegasus.

The latest attack was announced by the group on Friday, with Black Shadow claiming to have damaged the servers. Cyberserve is a web hosting company, which means it provides servers and data storage to other companies in all industries. The data captured by the hackers comes from a wide variety of companies, from travel and bus booking companies to the Israel Children’s Museum.

The group promised that if it got the ransom it would not disclose the information of about a million people it had gathered from Atraf. The group made no promises regarding the other data it had collected.

An information analyst works in front of a screen displaying a near real-time map of cyberthreats; California, December 29, 2014 (credit: REUTERS / BECK DIEFENBACH)

In screenshots of discussions Black Shadow claims to have had with company officials, one of them offered the group $ 250,000 in bitcoins and asked them not to tell others they had. received the money.

In response, the group pointed out that it had the information of a million people and that the ransom could be paid if each person contributed a dollar, with the alleged representative responding that the offer made by the company was their only offer.

“Do you really want to mess with [the] Israeli government because it will end badly for you, ”wrote the alleged representative, who continued to ask the group what it would gain from releasing the information.

BLACK SHADOW said it would “grab attention” by releasing the data. The representative warned the group that Israeli “cybercrime investigators” would come after the group and that they would not get any money if they did not accept the offer, which they raised to $ 350,000. in bitcoins.

The screenshot conversation was conducted in broken English. Black Shadow ended the conversation by saying that the representative’s “friend” had said “nobody cares”, without specifying who the intended “friend” was.

Cyberserve pointed out on Tuesday in response to Black Shadow’s claims that the chat was not conducted by the company, or a representative working on its behalf, adding that it did not conduct and does not conduct negotiations with the attackers.

“You must not under any circumstances submit to the demands of the attackers,” Israel Internet Association CEO Yoram Hacohen said Sunday in response to Black Shadow’s demands.

“There is no guarantee that if the amount is paid, the information will not be released and, more importantly, such surrender will lead to further and increased attacks due to what is seen by them as an exploit. “, he warned. “Additionally, if private surfers receive any messages with demands for ransom payments, they should immediately report it to the police and take no further action.

“What needs to be done now is to refine the online security and privacy regulations and provide all support, physically and mentally, to those about whom information has come to light,” Hacohen said. .

The ISRAEL Internet Association and Agudah – the Association for LGBTQ Equality in Israel – advised those affected by the cyberattack to make sure to change their usernames and passwords and use words strong pass. The two stressed that in any incident of ransom demand or blackmail, those concerned should contact the Israel Police.

“The natural human tendency may be to succumb to the demands of attackers, but past experience shows that there is no guarantee that personal content will be removed. In addition, it is an opening that can lead to demands for additional ransoms, ”stressed the two organizations. They also advised those affected to notify social media platforms if their information is published there.

Those concerned in the lesbian, gay, bisexual and transgender community can contact a hotline set up by Agudah from Sunday to Thursday evening from 5:00 p.m. to 7:00 p.m. again from 7:30 a.m. to 10:30 a.m. on * 2982 and on WhatsApp on 058 -620- 5591.

Black Shadow is responsible for previous attacks on Israeli companies, such as auto insurance company Shirbit and finance company KLS. In the attacks, the companies involved claimed the group was Iranian, despite the claims being rejected by cybersecurity experts.

Yigal Unna, head of the National Directorate of Cyber ​​Security, told Army Radio on Sunday that Black Shadow appears to be a criminal group with an “anti-Israel flavor,” adding that “it could be because they are from one source or another, but it is not fundamentally different from what is happening all over the world.

Cyber ​​security consultant Einat Meyron said in response to the latest Black Shadow attack that “the identity of the attacking group is a little less important.

“On the side of the attacked companies – for insurance and reputation reasons – it is clear that they will want to blame the attack on Iran,” she said. “In practice, it is not necessary to make it easier for attackers to refrain from exercising basic defenses.

The cybersecurity consultant also stressed that “it is necessary to prove beyond any doubt that it is an Iranian group. And this is neither trivial nor significant because of the effect of the slander – and because an Iranian attribution does not necessarily indicate that it was an “Iranian mission”.

Meyron further explained that a group working for the Iranian regime is unlikely to “waste energy” on recordings from random sites, but rather aim to cause significant damage to critical infrastructure.

Leave A Reply

Your email address will not be published.