Multiple hacked Israeli defense companies; sensitive data from leaked employees

The Pay2Key hacker group, allegedly sponsored by the Iranian government claims to have compromised Israeli Aerospace Industries systems thanks to a set of cyberattacks deployed over the past week.

Hackers also mentioned that a systems administrator from subsidiary Elta exposed his password after a cyberattack. ClearSky, an Israeli cybersecurity firm, published a report on this hacking group just days before the alleged attack, mentioning that this group could have been made up of former members of the Fox Kitten hacking group.

In his report, ClearSky mentions that this campaign is part of Iran-Israel’s cyberwarfare campaign, which has caused significant damage to multiple private companies in both countries. Experts also mention that Pay2Key hackers posted sensitive information on some dark web forums, although it is unknown whether other hacking groups have accessed this information.

Previous reports on Pay2Key mention that this is a group specializing in ransomware attacks, committing multiple companies in Israel as part of a massive campaign primarily in Tehran. “This campaign is part of Iran’s information war aimed at creating panic in Israel and other countries around the world,” the specialists added.

Elta’s hack came after a major cyber attack, also the work of Pay2Key, according to ClearSky. Apparently, hackers took information from the victims’ servers to expose them on dark web forums.

The report concludes by mentioning that at least 15 more companies have been affected by this campaign; although the various reports mention that Iran is the main operator of the attack, it is believed that at least five other countries have participated in these cyberwarfare campaigns.

On the other hand, a week ago it was reported that a group of hackers managed to steal a large amount of personal data from customers of the insurance company Shirbit, which apparently began selling on dark web forums.