Sunday, September 8, 2024
HomeCyber Security NewsResearchers Uncovered the Hack of a Private Power Station in Israel

Researchers Uncovered the Hack of a Private Power Station in Israel

Published on

In the continuing Israel-Palestine conflict, there has been a noticeable rise in hacktivist groups who are planning an unending attack against a variety of targets on both sides of the conflict.

On October 8, the Cyber Av3ngers group revealed a significant hack on the Israeli Dorad private power station. The organization posted images of the allegedly hacked site and a logo that used the colors of the Palestinian flag and political sentiments, implying that the hack was in favor.

To support their claim that the Dorad website was the victim of a DoS attack, the hackers also provided proof of their DDoS success.

- Advertisement - EHA

Kaspersky examined the information released by Cyber Av3ngers and discovered that it was derived from earlier disclosures by Moses Staff, a different hacktivist collective.

Who are the Cyber Av3ngers?

The threat actor “Cyber Avengers” is a group with a similar name that has been operating since at least 2020. There isn’t much proof that the Cyber Avengers are related to the Cyber Aveng3rs or the Cyber Av3ngers.

They primarily target Israeli organizations, particularly those maintaining the nation’s vital infrastructure. 

A new Telegram channel named @CyberAveng3rs was launched on September 15, 2023. The channel first posted statements connecting its owners to the previous actions taken by “Cyber Avengers.” Then, it added messages outlining its plans to attack Israeli key infrastructure, such as the water and electrical systems.

The most recent post on the channel discussed a security guideline the Israeli government had produced for infrastructure security and released. The Cyber Avengers team issued the instructions and the list of targets in mockery. Eight firms have been included on the list.

Dorad Private Power Plant Attack

The archive, which contained stolen information from several Israeli businesses, was originally released by Moses Staff in June 2022. 11 files that were part of the Dorad private power plant attack have timestamps from August 2020, but the timestamps on the compression are dated June 14, 2022. 

The data in the archive included PNG and JPEG images as well as PDF documents. Along with the data disclosure, the attackers also released a video.

Particularly, when researchers compare the originals from the Moses Staff archive with the pictures released by Cyber Av3ngers, it has been observed that Cyber Av3ngers captured pictures from the video and PDF files that the Moses Staff leaked. Also, Cyber Av3ngers cropped the images and added a logo image before posting. 

As a whole, it appears that Moses Staff’s hacking activities caused the data to be leaked. The files appear to have been removed from computers belonging to the targeted company using malware, and this threat actor carried out these actions using specialized tools like PyDCrypt, DCSrv, and StrifeWater.

Reports say there is typically no way to pay the ransom and decrypt the data because the Moses Staff organization is not interested in making money and instead aims to harm.

Final Words

“The Cyber Av3ngers alleged hack is recycled or repurposed from a prior security breach and is not the result of any new unauthorized access to data”, researchers said.

Therefore, this highlights The significance of robust cybersecurity measures to guard against new and ongoing threats to IT and OT systems.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

Vulnerabilities in IBM Products Let Attackers Exploit & Launch DOS Attack

IBM has issued a security bulletin addressing critical vulnerabilities in its MQ Operator and...

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...