search

Suspected Iranian hackers publish user information from Israeli LGBT site

Names, locations of ‘Atraf’ clients exposed; other Israeli sites, including public transportation companies, also experience breach

Participants fly an Israeli and pride flag at demonstration in Tel Aviv on July 22, 2018, to protest a new surrogacy law that does not include gay couples. (AFP PHOTO / JACK GUEZ)
Participants fly an Israeli and pride flag at demonstration in Tel Aviv on July 22, 2018, to protest a new surrogacy law that does not include gay couples. (AFP PHOTO / JACK GUEZ)

Hackers believed to be linked to Iran have breached an Israeli internet hosting company, taking down several of its sites. The hackers on Saturday night released some alleged personal information online, including from an LGBT dating site, according to Hebrew media reports.

“Atraf,” a geo-located dating service as well as a nightlife index, is a popular app and website in the Israeli LGBT community, especially in the Tel Aviv area.

According to Hebrew media sites, names of “Atraf” users and their locations were posted online. The data leak had worried users it could expose those still in the closet.

The hackers said the information leaked online represented just 1 percent of the data acquired in the breach.

The cyberattack also hit websites including of Israeli public transportation companies Dan and Kavim, a children’s museum and public radio’s online blog, with none of the sites available to users by midday Saturday. The attack also targeted the tourism company Pegasus; and Doctor Ticket, a service that could have sensitive medical data, according to Hebrew media.

The hacking group known as Black Shadow claimed responsibility for the attack and published what it said was client data, including the names, email addresses and phone numbers of Kavim clients, on the Telegram messaging app.

“Hello Again! We have news for you,” the hackers wrote in a message on Telegram on Friday night.

“You probably could not connect to many websites today. ‘Cyberserve’ company and their customers (were) hit by us,” it said.

“If you don’t want your data leak(ed) by us, contact us SOON.”

Later another message read: “They did not contact us… so (the) first data is here,” with the group dumping the information online.

Later Saturday, the group issued another message claiming to have more data, and posted what it said was information pertaining to clients of the Dan transportation company and a travel agency.

Israeli media said Black Shadow is a group of Iran-linked hackers who use cyberattacks for criminal ends.

The group breached Israel’s Shirbit insurance firm in December last year, stealing a trove of data.

It demanded a $1 million ransom and began leaking the information when the firm refused to pay.

The new attack comes after an unprecedented, unclaimed cyberattack wrought havoc on Iran’s gas distribution system this week.

Iranian media have pointed the finger at government opponents abroad.

Iran and Israel have been engaged in a so-called “shadow war,” including several reported attacks on Israeli and Iranian ships that the two have blamed on each other, as well as cyberattacks.

In 2010 the Stuxnet virus — believed to have been engineered by Israel and its ally the US — infected Iran’s nuclear program, causing a series of breakdowns in centrifuges used to enrich uranium.

read more:
comments
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed