A Palestinian hacker group has been launching attacks on Israeli companies and agencies for several months; currently, it has victimized over 100 organizations.
Palestinian hacker groups have been launching attacks on Israel and other Western superpowers since the beginning of the Israel-Hamas war, with varying levels of success. This group has set itself apart with sophisticated attacks that have had devastating results.
“Their attacks have not only led to substantial data leaks but have also served as a form of digital retaliation, aligning with broader strategic objectives in the region,” said SOCRadar, an international cyber security company.
The hacker group calls itself Cyber Toufan and is heavily motivated by the geopolitical complexities in the region. Early in its campaign, researchers from Check Point noted that the group’s advanced tactics pointed towards nation-state backing.
“The group has demonstrated superior capabilities compared to other pro-Palestinian linked Hamas hacking groups. Their activities, which focus on breaching servers, databases, and leaking information, strongly suggest support from a nation-state, with indications pointing towards Iran as the likely supporter,” explains the International Institute for Counter-Terrorism (ICT).
Several of the victims have not been able to recover from the attacks and have been completely offline for several weeks.
Victims include:
- The Academic College of Tel Aviv
- The Israeli Ministry of Health
- Israel Nature and Parks
- Israel Securities Authority
- Toyota Israel
- The Israeli National Archive
- Homecenter Israel
- And about 100 more.
“Data they have published includes a complete server disk image, SSL certificates with private keys to a host of domains (which still haven’t been revoked and are still in use), SQL and CRM dumps. Even WordPress backups, as apparently people build CRMs on WordPress nowadays,” say researchers.
The hacker group is known for emailing the clients of victim organizations to disseminate political propaganda.
To date, the information of 59 organizations has been leaked on the hacker group’s Telegram, and it’s probable more will follow.