Moses Staff hackers target Israeli engineering companies

A group of hackers called Moses Staff claimed on Tuesday that it had successfully carried out a cyberattack against three Israeli engineering companies, less than two weeks after the same group leaked files it claimed to have obtained in an attack on the Defense Ministry. .

The group announced Tuesday that it had targeted Ehud Leviathan Engineering, David Engineers and HGM Engineering in its latest attack.

The leaked data from the three companies includes projects, maps, contracts, photographs, letters, and video conference images.

Moses Staff stated that the information that had been leaked did not include everything they had obtained and that little by little they would release the rest.

Unlike the Black Shadow hacker group that also targeted Israeli companies recently, Moses Staff didn’t ask for money or anything else.

The leaked documents included documents on infrastructure projects, including roads and public water systems. Some of the leaked documents even included a tender and other documents related to the construction of the new city entrance project that is currently underway at the entrance to Jerusalem.

Identification cards and insurance documents were also leaked in the attack.

The Moses Staff website claims that the group has hacked more than 165 servers and 254 websites and compiled more than 11 terabytes of data, including Israel Post, the Ministry of Defense, files related to Defense Minister Benny Gantz, the Electron Csillag company and Epsilor company.

“We have been monitoring them for many years, at every moment and at every step,” the group wrote in announcing the attack on the Defense Ministry on its Telegram channel last week. “All of his decisions and statements have been under our watch. Eventually, we will hit him like he never imagined.”

Moses’ staff claimed in the announcement to have access to confidential documents, including reports, operational maps, information on soldiers and units, and letters and correspondence. “We are going to publish this information conscientiously [sic] everyone about the crimes of the Israeli authorities, ”the group warned.

Files leaked in the earlier attack included photos of Gantz and IDF soldiers and a 2010 letter from Gantz to the deputy chief of the joint staff and intelligence chief for the Jordanian Armed Forces. The leaked files also included Excel files that allegedly contained the names, identification numbers, emails, addresses, phone numbers, and even the socioeconomic status of the soldiers, mechina pre-military students, and people related to the Ministry of Defense.

The group stated on its website that it is targeting the same people who “did not tolerate” the legitimacy of Moses, apparently the reason for the name Staff of Moses.

The group’s description says that it will not forget “the soldiers whose blood is shed due to wrong policies and fruitless wars, the mothers who cry for their children and all the cruelty and injustice were [were] done to the people of this nation. “The group did not clarify in its description which soldiers it was referring to.

So far it is unclear whether the group acts independently or is backed by a state.

A hacker is depicted in this illustrative photo (credit: courtesy)

Moses’ staff leaked identifying information, addresses and information on packages from an attack he claims to have carried out on the Israel Post. The group also leaked photographs of the identity documents of various companies that it claims to have attacked.

The group’s website also has a contact form for those interested in joining the group.

THE NATIONAL Cyber ​​Directorate stated in response to the leaks last week that it has repeatedly warned that hackers are exploiting a vulnerability in the Exchange email service to attack organizations, according to Ynet.

“Management once again asks organizations to implement the latest critical updates that Microsoft has released for this vulnerability on their systems, a simple and free update that can reduce the possibility of this attack,” the management said.

The attack is the latest in a series of cyberattacks against Israel in recent months.

Over the weekend, hacker group Black Shadow announced that it had attacked Israeli internet company Cyberserve, and on Tuesday it leaked the data of about a million people from the gay dating app Atraf.

Cyberserve is a web hosting company, which means that it provides servers and data storage for other companies in all industries. The data seized by hackers comes from a wide variety of businesses, from bus and tour booking companies to the Israel Children’s Museum.

Last month, the Hillel Yaffe Medical Center in Hadera was the target of a ransomware attack that affected its computer systems.

Cybereason also revealed last month that MalKamak, an Iranian state-backed hacking group, was running a highly targeted cyber espionage operation against global telecommunications and aerospace companies, stealing confidential information from targets in Israel and the Middle East, as well as in the U.S. States, Russia and Europe. The threat posed by MalKamak is still active.

In September, a group of hackers called Deus leaked data it claims to have obtained in a cyberattack on Israeli call center services company Voicenter from the company’s clients, including 10bis, CMTrading, Mobileye, eToro, Gett, and My Heritage. . The data leaked so far includes images from security cameras and webcams, identification cards, photos, messages and emails from WhatsApp, as well as recordings of phone calls.

A series of cyberattacks has affected Israeli companies and institutions in the past two years, including Israel Aerospace Industries, the Shirbit insurance company, and the Amital software company.

The National Cybernetics Directorate reported that it answered more than 11,000 queries in its 119 hotline in 2020, 30% more than it did in 2019. The direction made around 5,000 requests to entities to handle vulnerabilities that exposed them to attacks and was in contact with about 1,400 entities related to attempted or successful attacks.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *