ProPalestinian operation claims dozens of data breaches against Israeli firms
pppProPalestinian hackers say they breached dozens of Israeli entities amid the ongoing war in Gaza which has also extended into cyberspaceppA group calling itself Cyber Toufan said it launched an operation against Israel at the end of November promising to publish leaked information from hacked websites every day throughout the monthppEarlier this week the group said on its Telegram channel that it had fulfilled its promise and released stolen data from 60 sites Cybersecurity researchers said that in many cases the data appears to be realppThe list included not only Israeli companies but also foreign firms doing business with the country such as SpaceX Toyota and IKEAppThe hackers werent too selective in picking their targets they claim to have attacked cybersecurity firms government agencies as well as ecommerce platforms manufacturing companies schools colleges and even a swimming pool cleaner companyppCybersecurity researcher Kevin Beaumont called the group incredibly well organized and disruptiveppThey are not a lame DDoS group nor are they doing financial extortion They are wiping large numbers of organizations he said I have spoken to a few of the named victims and they are still offline weeks later with limited recovery options as backups were erasedppAccording to Beaumont the group has started emailing customers of cybersecurity companies asking them to boycott various vendors that operate in IsraelppSome of the cyber companies contacted by Recorded Future News have not yet responded to the requests for comment Beaumont mentioned that about a third of the companies targeted by Cyber Toufan still havent recovered after being wipedppResearchers at Tel Avivbased Check Point told Recorded Future News that the groups leaks seem genuine The company also said that the hackers leaks appear to result from a major attack on an Israeli hosting company named SignatureIT The company has not responded to a request for commentppCyber Toufan dismissed the claim that all the leaks are connected to the SignatureIT hack We will be releasing more behind the scenes of the operation once the month of leaks completes the hackers saidppCheck Point called Cyber Toufan an Iranian threat actor Another cyber firm SOC Radar said that the groups tactics and scale of operations bear the hallmarks of a sophisticated entity potentially statesponsoredppCyber Toufan has not commented about its originsppThe Israeli media and Israels top cybersecurity firms seem pretty confident in their attribution of us and our work to one foreign state entity or another We are not surprised the hackers saidppThe lies they tell themselves about the capabilities of the resistance is what allowed us to strike as hard as we did on October the 7th all under the noses of their very own intelligence and military apparatus they addedppAfter the October 7th attacks by the Palestinian militant group Hamas the ongoing war has also led to an escalation in cyberspace with various hacktivists and nationstate hackers taking sides in the conflictppHacktivists are using tactics similar to what was seen at the beginning of the UkraineRussia war leaking stolen documents and launching distributed denialofservice and defacement attacks on government websites media outlets and critical infrastructureppSome operations are more sophisticated In December for example a cyberattack disrupted the operation of gas stations throughout Iran an ally of Hamas Iranian authorities attributed the attack to Israel and the USppMany groups involved in the cyberwar with Israel are affiliated with Iran Among them are CyberAv3ngers and Cyber Toufan according to Check Point Their operations often involve claims of retaliation against US entities for using Israeli technology reflecting a strategy of dual retaliation the company said in a recent reportppCyber Toufan often changes tactics depending on whats happening on the battlefield Check Point told Recorded Future News For example they halted the leaks during a recent ceasefireppAround 10 Iranianbacked hacking groups are attacking Israel mostly with less visibility and public noise but Cyber Toufan is the most notorious among them researchers saidppAccording to Check Point Google has blocked the hackers Telegram channel where they publish leaks but it is still visible on Apple devicesppIn the post announcing the latest leak the group said that the end of the current operation is not the end of Cyber ToufanppAs long as our brothers keep striking the occupying forces on the ground well continue targeting them and their interests in the cyber domain whether publicly or without a trace the hackers addedppDaryna Antoniuk is a reporter for Recorded Future News based in Ukraine She writes about cybersecurity startups cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia She previously was a tech reporter for Forbes Ukraine Her work has also been published at Sifted The Kyiv Independent and The Kyiv Postpp Copyright 2024 The Record from Recorded Future Newsp