Hackers linked to Iran began leaking Tuesday information and messages from a popular Israeli gay dating app.
The hackers, known as Black Shadow, said they were posting personal information from users of the app Atraf because the $1 million digital-currency ransom demand they made on Sunday had gone unmet, according to The Jerusalem Post.
’48 hours have passed! Black Shadow claimed that no one sent them money. “This is not the end, there’s more to come.”
CyberServe, an Israeli web hosting company that hosts servers on Atraf and other sites, was the initial target of the hackers.
CyberServe denied that it had negotiated with Black Shadow. However, the hackers posted screenshots purporting to show a representative agreeing he would pay $500,000 to the blackmailers.
Black Shadow had also leaked detailed records from an Israeli hospital on Tuesday evening.
Black Shadow, an Iranian hacker group, began leaking personal data of Atraf users. Atraf, an Israeli gay dating site, is popular in Israel. The leak began Tuesday, after the cyber attackers’ $1,000,000 was not met.
Atraf, Hebrew slang meaning “craziness”, was launched in 2002 as a Tel Aviv-based gay site. It now offers an app that allows geolocation-based dating and a nightlife index.
It has become a popular dating site for gay Israelis. The company claims that 3 million messages are sent each day by 250,000 users. Members can also purchase tickets for parties or other events.
Black Shadow uploaded the ransom payment information, including ticket purchases and chats, on Tuesday as the deadline expired. He also threatened to ex-promote closeted celebrities.
According to The Times of Israel: “Atraf’s Team did not contact us about any deal’s yet so they collected 50 famous Israeli surfers, and we leaked their videos,” the hackers threatened Telegram.
Atraf website and app are offline. DailyMail.com inquiries were not immediately answered by developers.
CyberServe, an Israeli internet hosting company, was hacked by the group. It hosts Atraf and other sites. The group also includes two bus companies, a children’s museum, and a tour-booking company.
Atraf claims that 250,000 users send 3 million messages each day to its app. Cyberattacks have caused Atraf’s website as well as its app to go down.
One user shared the following on Facebook: “We still don’t know what they have,” ‘Pictures? Correspondence? Credit details? Phone numbers Mail and home addresses? What did they manage to get?
While Israel is more welcoming to LGBTQ people than its Middle Eastern neighbors it, some Atraf members worry about their friends and family learning about their sexual orientation, kinks, or HIV status.
Ynet News heard from a closeted twentysomething from Tel Aviv, “It’s awful that you break into my personal area and threaten to reveal all my correspondence,”
“My family, friends and I know nothing.” [about my being gay]He said that he agreed. “It’s very complicated for me, I’m really helpless these day and don’t know what to make of it.”
Black Shadow screenshots of what it said were negotiations over the ransom on Telegram, though its not clear who the hackers are interacting with. CyberServe denied that they were negotiating with Black Shadow
In an alleged Telegram conversation posted by Black Shadow, the hackers push back against a $500,000 ransom offer
Black Shadow uploaded his dating-app data, including ticket purchases, as soon as Tuesday’s ransom deadline expired. Revelers at Tel Aviv Pride 2019
Yoram Hacohen from the Israel Internet Association said that it was a ‘grave attack on privacy Israel has ever seen’.
This is terrorism in all senses and the focus must now be on minimizing the damage to the information and suppressing its distribution as much as possible,” Hacohen stated.
Atraf stated in a series of Facebook messages that it had quickly contacted the government authorities after being made aware of the blackmail plot.
It stated that it had alerted authorities in Israel to the hackers’ intent to publish the records. They requested the immediate deletion of Telegram accounts.
“The motive of terrorist groups is not national but economic. Therefore, we are following the directives given by the [National Cyber Directorate]?.
The company advised users to report any suspicious turns to law enforcement and to avoid direct contact with ‘the Iranian attack group’.
The post stated that this was a terrorist group that is nationalist and does not prevent a monetary motive. It is expected that any details they have will be used for bad morals.
Black Shadow, hours after releasing the Atraf data was leaked, provided detailed information on blood tests and CT scans for gynecology visits, vaccinations, and more for approximately 290,000.
Hours after releasing the Atraf data, Black Shadow leaked detailed information on blood tests, CT scans, gynecology appointments, vaccinations and more for some 290,000 patients at Machon Mor medical institute in Bene Beraq, YNet reported.
The ransomware attack hit other CyberServe clients, according to The Jerusalem Post, including a children’s museum, a public broadcasting company, tour booker Pegasus, and Israeli bus companies Kavim and Dan — shutting down their sites and leaking data related to their clients.
Black Shadow claimed at one point that it had not been contacted CyberServe or by the Israeli government. [the hack]They don’t see it as a problem.
Google has blocked Black Shadow sites, the Israeli Ministry of Justice stated in a statement Tuesday. Telegram also deleted accounts related to this cyberattack gang.
Last week, the Iranian government blamed Israel as well as the US for a cyberattack which forced gas stations across Iran to close.
Gholamreza Jaali, Iran’s Civil Defense Organization leader, stated that although it is difficult to prove forensically, analytically we believe it was carried by the Zionist regime, the Americans, and their agents.
Black Shadow, an Israeli car-financing company, hacked KLS Capital’s servers in March and demanded $570,000 in Bitcoin as a condition for not uploading customer information. (KLS did NOT meet their demands.
The group claimed credit for infiltrating servers to Israel’s Shirbit insurance company last December.
Haaretz claims that the company began leaking client information after it refused to pay its million dollar ransom.