Iran-backed hacker demanded 80 bitcoin in anti-Israeli ransom note
A group of anonymous hackers that recently attempted to extort nearly $2 million in bitcoin from a prominent Israeli university is linked to Iranian security services, reports local outlet i24NEWS.
In February, the collective calling itself DarkBit targeted the Israel Institute of Technology in Haifa (Technion). The group claimed to have stolen ‘all’ of the university’s data and threatened to put it up for sale within five days unless it received 80 bitcoins ($1.7 million) by way of ransom.
The attack forced Technion to delay a number of exams and shut down its IT systems.
Back in February, DarkBit was very much an unknown entity. Speculation was rife as to exactly who was behind the attack with guesses ranging from a disgruntled employee to a pro-Palestinian activist.
However, in a recent announcement, Israel’s National Cyber Directorate confirmed that the attack came from MuddyWater, a group that US authorities previously linked to Iran’s Ministry of Intelligence and Security.
MuddyWater has been flagged on a number of occasions by British and American investigators as targeting government and private-sector organizations in the telecommunications, defense, local government, and energy industries.
MuddyWater peppered its ransom note with anti-Israel rhetoric
Israeli authorities believe that the Israeli university hack may have been motivated more by ideology than greed due to the anti-Israel language peppering the email demand.
“We regret to inform you that we’ve had to hack Technion network completely and transfer ‘all’ data to our secure servers,” the group wrote. “Keep calm, take a breath and think about an apartheid regime that causes troubles here and there. They should pay for their lies and crimes, their names and shames.”
The note then went on to reference Israeli occupation, war crimes, and “destroying the future and all dreams we had.”
It rounds things off by claiming that MuddyWater was, at least in part, motivated by the university “firing high-skilled experts.”
Read more: North Korean hackers used new methods to target Israeli crypto
According to Israeli defense experts, this is just one of “dozens of attempted Iranian cyberattacks over the past year.” The news of this latest attack comes just hours after North Macedonian officials linked Iran-based IP addresses to a number of bomb threats in the country.
Quotes in bold are our emphasis. For more informed news, follow us on Twitter and Google News or subscribe to our YouTube channel.