A group of hackers calling themselves Black Shadow threatened on Sunday to reveal the personal details of one million users of Israel’s leading LGBTQ dating site, an attack by some cyber experts linked to Iran.
“If we have $ 1 million in our wallet within the next 48 hours, we will not disclose this information and we will not sell it to anyone,” Black Shadow wrote on Telegram.
Dating site Atraf was compromised after Black Shadow hacked CyberServe, an Israeli internet service provider whose clients include public transport companies, museums and a travel agency.
On Saturday, the group uploaded tens of thousands of recordings from the various sites it had entered, including 1,000 Atraf user profiles.
The files disclosed included the HIV status, sexual orientation and unencrypted passwords of users.
Ran Shalhavi, CEO of The Aguda, the Association for LGBTQ Equality in Israel, told AFP that his organization had extended the hours of its hotline to cope with a flood of worried callers.
“They are exposed, and if they are in the closet, they are exposed to situations that they have never experienced before,” he said, adding that the association was working with different groups to “reduce the damage “.
Libi Oz, spokesperson for Israel’s government-funded National Cyber Security Directorate, said his office had warned CyberServe “on several occasions” that it was vulnerable to attack.
AFP could not reach Atraf for comment and CyberServe did not respond to calls from AFP.
Cyber intelligence researcher Ohad Zaidenberg said the breach appeared to be linked to a hack into Israeli insurance company Shirbit last year, also claimed by Black Shadow, as well as a March attack on the company. Israeli insurance company KLS Capital Ltd.
“Now they’re doing something relatively similar,” Zaidenberg said.
“We know that the attack on Shirbit was Iranian, and so we can say, if it is the same attacker and the attack was Iranian, this attack is Iranian.”
Keren Elazari, cybersecurity expert and researcher at Tel Aviv University, agreed the attack appeared to be Iranian.
“A lot of the hacks we’ve seen are not about the ransom,” she said. “It’s about embarrassing Israeli businesses, embarrassing Israeli citizens.”
She said the pandemic opened up new vulnerabilities for Israeli businesses, as working from home offered less cybersecurity and “increased the opportunities for attacks.”
“CyberServe did not apply the necessary procedures to protect itself,” she told AFP.
© 2021 AFP