‘Black Shadow’ Infiltrates Israeli Finance Firm, Demand $570,000 in Ransom

pexels tima miroshnichenko 5380641 2

 

The private information of thousands of Israelis was compromised on Saturday following a cyberattack on the database of a major Israeli financial service firm. The hacking group called ‘Black Shadow’ announced Saturday that it has managed to access the servers of an Israeli financial service firm, KLS capital. 

“We are here to inform you a (sic) cyber-attack against K.L.S CAPITAL LTD which is in Israel. Their servers are down and we have all their clients’ information. We want to leak some part of their data gradually. Part of our negotiation will be published later,” the group wrote on the Telegram app.

The hackers demanded 10 bitcoins ($60,000) in ransom from the Israeli investment firm, but it refused to negotiate. As a result, the hacker group leaked the obtained data on their Telegram channel. Black Shadow is the same hacking group that carried out a major cyberattack against Shirbit insurance company in December. 

A few hours before making the declaration, the hacking group deliberately published blurred images of the identification cards of two people who work with the firm. A few minutes after the announcement, they published a few more documents and have since published dozens of additional documents including identity cards, letters, invoices, images, scanned checks, database information, and much more, including the private information of the CEO of the firm.

Last year in December, a prominent cybersecurity firm reached out to KLS Capital and alerted them of a potential breach, flagging a vulnerability associated with their use of a so-called VPN. They said there was a simple ‘patch’ that could provide a solution; however, it appears that no action was taken at the time.

In response, KLS capital stated: “The Israeli cyber authority reached out to us three days ago to warn us against a looming cyber attack against us. This attack is very similar to other attacks Iran and its proxies have conducted against Israeli targets – including private and public bodies. Our management acted immediately to take down our servers and join forces with the national cyber directorate – which together with our experts are examining the event.” 

In recent months, threat actors targeted several Israeli organizations including Shirbit insurance company, the Amitial software company, Ben-Guiron University of the Negev, and Israel Aerospace Industries.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source