Suspected Iranian hacking hits Israeli LGBT site; users fear privacy leaks

An Israeli LGBT-focused dating service was one of the many sites targeted by a hack on an Internet hosting company that worried users of a potential data leak that could reveal those who were still in the closet.

“Atraf”, a geo-located dating service as well as a nightlife index, is a popular app and website in the Israeli LGBT community, especially in the Tel Aviv area.

Hackers apparently linked to Iran said on Friday that they had hacked into the servers of the Israeli internet hosting company Cyberserve and brought down a number of widespread websites.

The Black Shadow group, which Hebrew-language media report was Iranian, warned the Israeli company that it was in possession of data that could be leaked. The group has not confirmed that it is backed by Tehran.

“Hello again! We have news for you,” the hackers wrote in a message circulating on social media Friday night. “You probably could not connect to many websites today. ‘Cyberserve’ company and their customers [were] hit by us. You may ask, what about data? As always, we have plenty of it. If you do not want your data leaked by us, please contact us soon. “

It was not clear what data the hacker group would leak, but with the sensitive personal information about Atraf, users who had not come out were worried that their names could be released, according to Hebrew-language media reports.

“I’m just shaking with fear,” an unnamed user of the app told the news site Ynet. “I’m a gay man in the closet, use the app a lot and have personal photos there … I do not know what to do or who to turn to.”

The Aguda Association for LGBT Equality in Israel on Saturday called on the National Cyber ​​Directorate to “act swiftly to prevent data leaks”, adding that such release of such personal information is “a danger to [the users’] mental health. “

The directorate said on Saturday that it had warned Cyberserve several times in the past year that the internet hosting company was vulnerable to such attacks. The National Cyber ​​Directorate also advised Israelis whose personal data was covered to change their passwords, enable two-factor authentication, and remain vigilant against suspicious emails and messages.

On this October 8, 2019 file image, a woman is typing on a keyboard in New York. (AP Photo / Jenny Kane, Fil)

Black Shadow stole a large amount of information from the Israeli insurance company Shirbit last year and then sold it on the dark web when the company refused to pay a ransom.

Cyberserve’s customers include Dan and Kavim public transport companies, the Children’s Museum in Holon, Pegasus travel company and Kan public broadcasters blog page.

A number of Cyberserve’s customer websites were not available Saturday afternoon.

Last year, Black Shadow attacked insurance company Shirbit and initiated ransom negotiations, but the company said it would not pay, leading to the dark web sales of information stolen from the company.

Many of Shirbit’s clients are from the public sector, and photos of private documents released included vehicle registration and credit card information for an employee of the president’s residence, as well as personal correspondence and a marriage certificate, as well as the president’s personal information of Tel Aviv District Court.

Anonymous Israeli officials told Channel 12 News at the time of the attack that they believed a state was behind the Black Shadow attack. However, they did not name the country.

Israel and Iran have been involved in a years-long shadow war, in which Israel has reportedly directed most of its efforts – including several suspected cyber attacks – to sabotage the Islamic Republic’s nuclear program.

This week, an unprecedented cyber attack destroyed Iran’s subsidized fuel distribution system.

A gas station is seen empty because the pumps are out of order, in Tehran, Iran, on Tuesday, October 26, 2021. (AP Photo / Vahid Salemi)

Abolhassan Firoozabadi, a top official of Iran’s top council for cyberspace, told state television station IRIB that the attack had apparently been carried out by a foreign country, even though it was too early to name suspects. He also linked the attack with another targeting Iran’s rail system in July.

The next day, an Iranian official tweeted in Hebrew that the “enemy’s goal” of provoking unrest through gas shortages had been thwarted.

Numerous suspected Iranian cyber attacks on Israel have been reported in recent years, including one that targeted its water infrastructure by 2020.

Microsoft said this month that Iran had quadrupled its hacks on Israel in the past year.

“Microsoft discovered an increased focus from a growing number of Iranian groups targeting Israeli devices … and with that focus came a series of ransomware attacks,” the company’s annual Digital Defense Report states.

Google has also warned of an increase in state-sponsored hackers with a report focusing on the “notable campaigns” of a group affiliated with Iran’s Revolutionary Guards.

Learn Hebrew in a fun, unique way

You get Israel news … but you do FEW that? Here is your chance to understand not only the big picture that we cover on these pages, but also critical, juicy details about life in Israel.

IN Streetwise Hebrew for Times of Israel Community, each month we learn several Hebrew phrases around a common theme. This is bite-sized Hebrew audio tutorial that we think you will really enjoy.

Learn more Learn more Already a member? Log in to stop seeing this

You’re serious. We appreciate that!

That’s why we come to work every day – to give discerning readers like you must-read coverage of Israel and the Jewish world.

So now we have a request. Unlike other news media, we have not created a payment wall. But since the journalism we do is expensive, we invite readers for whom The Times of Israel has become important to help support our work by joining The Times of Israel Community.

For as little as $ 6 a month, you can help support our quality journalism while enjoying The Times of Israel AD-FRI, as well as access to exclusive content available only to members of the Times of Israel Community.

Join our community Join our community Are you already a member? Log in to stop seeing this

Leave a Comment