Iran suspected of being behind ransomware attacks against Israeli organizations

The Israel National Cyber Directorate issued an urgent alert over the weekend on the matter. Among others, fashion company H&M Israel and logistics company Varitas are currently under attack 

Photo: Bigstock

The Israel National Cyber Directorate issued an urgent alert over the weekend saying that it has identified ransomware attacks in the country. The directorate said that it is possible that the entity responsible for the attacks is also responsible for previous attacks in the campaign attributed to the Pay2Key ransomware group. The current prevailing opinion is that the group is connected to Iran.     

During the last few days, a series of cyberattacks against Israeli companies and organizations have been revealed. The latest target is fashion company H&M Israel, which was attacked by the "n3twOrm" cybercrime syndicate that claims it succeeded in stealing about 110 gigabytes of data from the organization and will post it on Wednesday (May 5) if its demands are not met. Another organization that was attacked in a similar manner last week was logistics company Varitas, whose ransom payment deadline is today, May 3.        

Last week, the cyber directorate issued an alert over Iranian attempts to carry out cyberattacks around May 7, which is Iran's Jerusalem Day, two days before Israel marks its own Jerusalem Day. Last year, thousands of internet sites in Israel were simultaneously defaced via an attack on a single web hosting provider. It is estimated that this year the attacks will not only be focused on damaging sites, but also on damaging data systems of organizations in Israel.       

You might be interested also

Screenshot from the report of Unit 42 from the website of Palo Alto Networks

No longer afraid, hackers advertise malware on dark net  

The research unit of Palo Alto Networks conducted an in-depth study of the activity of the WeSupply website on the dark net, on which cybercriminals openly brag about the way in which the WeSteal software exploits vulnerabilities, and even offer a "subscription service" for its use