Reports of a cyberattack on Israel’s Dorad power plant by hacktivist group known as Cyber Av3ngers were found to be false, a report from Kaspersky said.
Cyber Av3ngers had claimed responsibility for the cyberattack showcasing PDF files and documents on their Telegram channel as proof. Hackers used a logo with the Palestinian flag colours alongside photos of the alleged attack, to insinuate that the attack was carried out in support.
The attack, however, was not confirmed by the Israeli authorities.
Media reports and analysis by Kasperksy pointed out that the images being shared on Telegram were from an older attack that targeted multiple Israeli companies that was launched by the Moses Staff group in 2022. Moses Staff is alleged to be an Iranian hacker group, first identified on hacker forums in 2021.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
During investigation, “experts have found no evidence linking Cyber Av3ngers with Moses Staff or Cyber Avengers, despite the similarities in names. The individual behind the Cyber Av3ngers Telegram channel may also be attempting to frame Cyber Avengers as impostors” Kaspersky said.
Cyber Avengers is a threat actor group active since 2020. The group is known for targeting Israeli organisations operating critical infrastructure. However, there is little evidence connecting Cyber Avengers threat actor group to Cyber Av3ngers.
On September 15, 2023, a new channel was created on Telegram with the handle @CyberAveng3rs. The channel shared messages that link its owners to past activities of “Cyber Avengers”, then adding information on their ideas to target Israeli critical infrastructure, including electrical and water systems.
And while threat actors such as Moses Staff are still active, based on the information provided and its analysis, the Cyber Av3ngers alleged hack is recycled or repurposed from a prior security breach and is not the result of any new unauthorized access to data, Kaspersky said.
“This case underscores the intricate dynamics among hacktivist circles, where rivalry and the pursuit of publicity can lead to misleading claims of cyber aggression. It’s crucial we delve deeply into such incidents to grasp the essence of the compromised data, its origin, and whether any security loopholes were leveraged,” Igor Kuznetsov, Director at Kaspersky’s Global Research & Analysis Team (GReAT), said.
The report comes even as the Israel-Hamas conflict continues on in its second week and hacker groups supporting either side launching cyber-attacks. These attacks include targeting of apps warning Israeli residents of incoming rocket attacks and the official Hamas website by pro-Israeli groups.
Cybercriminals are also using the ongoing conflict to launch spyware attacks targeting Israeli Android users to gain access to sensitive user data.
COMMents
SHARE