EXCELLENT: Iranian hackers target Israeli firms in double extortion ransomware attack

(005320.38-:E-003569.93:N-HO:R-SU:C-30:V)   


Jan‘s Advertisement
History Reviewed: Get a Daily Email Alert
You will get one email per day with a list of the videos and articles posted on the website. You can unsubscribe at any time.


[Israel is operating in Iranian territory and Israel is killing people inside Iran. So it's nice to see the Iranians finding ways of hitting back at Israel. Jan]

According to Israeli cyber security company Check Point, the ransom payments were traced to an Iranian bitcoin site available only to Iranian citizens.

(November 15, 2020 / Israel Hayom) Iranian hackers were behind the Pay2Key ransomware attack on dozens of Israeli companies last week, according to the Israeli cyber security firm Check Point, which worked with the Israeli blockchain intelligence firm Whitestream to discover the source of the attack.

From each of the companies that fell prey to the attack, the hackers demanded payment of seven to nine bitcoins, worth some NIS 375,000-NIS 475,000 shekels ($111,000-$141,000).

Check Point reported that after four of the firms decided to pay the ransom to release their data, it tracked the bitcoin transactions carried out by the hackers and identified them as Iranian.

The tracing process began with the addresses of the bitcoin wallets to which the victims were instructed to send their ransom payments. Eventually, the transactions wound up in wallets belonging to Excoino, an Iranian entity that supplies secure business services in cryptocurrency.

Excoino only works with Iranian citizens. To sign up for the service, a potential user must have a valid Iranian phone number as well as an Iranian identity number. The service also demands a copy of the account holder’s ID, as well, all of which led Check Point to the conclusion that the hackers were Iranians.

Check Point explained that this latest attack used the “double extortion” method on its victims, a new development in ransomware attacks. In the double extortion model, hackers not only encode a company’s data, blocking access to it, they also threaten to steal data and leak it if their demands for payment are not met.

To show what can happen when companies do not comply with their demands, the operators of the Pay2Key scam created a dedicated website on which they post content stolen from companies who refused to pay them. These include three Israeli companies.

This article first appeared in Israel Hayom.

Source: https://www.jns.org/iranian-hackers-target-israeli-firms-in-double-extortion-ransomware-attack/?utm_source=The+Daily+Syndicate&utm_campaign=0a20c7f19f-Daily+Syndicate+11-15-20+%28new%29&utm_medium=email&utm_term=0_8583953730-0a20c7f19f-57314731



Jan‘s Advertisement
Video & Article: WHY CHINA WILL LOSE & BE TORN APART IF IT INVADES TAIWAN My Military Analysis
This is a written analysis I did in 2021 and it contains links to other articles and also videos. I explain why China will be unable to conquer Taiwan and what the USA and it‘s Allies are capable of.

%d bloggers like this:
Skip to toolbar