Claims of cyberattack on Israeli power plant found to be false: Report

Researchers found claims of hacktivist group Cyber Av3ngers of a cyberattack on Israel’s Dorad power plant to be false

October 18, 2023 04:22 pm | Updated 04:52 pm IST

Reports of a cyberattack on Israel’s Dorad power plant by hacktivist group known as Cyber Av3ngers were found to be false.

Reports of a cyberattack on Israel’s Dorad power plant by hacktivist group known as Cyber Av3ngers were found to be false. | Photo Credit: Reuters

Reports of a cyberattack on Israel’s Dorad power plant by hacktivist group known as Cyber Av3ngers were found to be false, a report from Kaspersky said.

Cyber Av3ngers had claimed responsibility for the cyberattack showcasing PDF files and documents on their Telegram channel as proof. Hackers used a logo with the Palestinian flag colours alongside photos of the alleged attack, to insinuate that the attack was carried out in support.

The attack, however, was not confirmed by the Israeli authorities.

Media reports and analysis by Kasperksy pointed out that the images being shared on Telegram were from an older attack that targeted multiple Israeli companies that was launched by the Moses Staff group in 2022. Moses Staff is alleged to be an Iranian hacker group, first identified on hacker forums in 2021.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

During investigation, “experts have found no evidence linking Cyber Av3ngers with Moses Staff or Cyber Avengers, despite the similarities in names. The individual behind the Cyber Av3ngers Telegram channel may also be attempting to frame Cyber Avengers as impostors” Kaspersky said.

Cyber Avengers is a threat actor group active since 2020. The group is known for targeting Israeli organisations operating critical infrastructure. However, there is little evidence connecting Cyber Avengers threat actor group to Cyber Av3ngers.

On September 15, 2023, a new channel was created on Telegram with the handle @‌CyberAveng3rs. The channel shared messages that link its owners to past activities of “Cyber Avengers”, then adding information on their ideas to target Israeli critical infrastructure, including electrical and water systems.

And while threat actors such as Moses Staff are still active, based on the information provided and its analysis, the Cyber Av3ngers alleged hack is recycled or repurposed from a prior security breach and is not the result of any new unauthorized access to data, Kaspersky said.

“This case underscores the intricate dynamics among hacktivist circles, where rivalry and the pursuit of publicity can lead to misleading claims of cyber aggression. It’s crucial we delve deeply into such incidents to grasp the essence of the compromised data, its origin, and whether any security loopholes were leveraged,” Igor Kuznetsov, Director at Kaspersky’s Global Research & Analysis Team (GReAT), said.

The report comes even as the Israel-Hamas conflict continues on in its second week and hacker groups supporting either side launching cyber-attacks. These attacks include targeting of apps warning Israeli residents of incoming rocket attacks and the official Hamas website by pro-Israeli groups.

Cybercriminals are also using the ongoing conflict to launch spyware attacks targeting Israeli Android users to gain access to sensitive user data.

Top News Today

Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.