"Black Shadow" related to Iran are back: broke into servers of an Israeli financing company - KLS

The hacker group "Black Shadow", which carried out the cyber attack on Shirbit, published announcements today (Saturday) according to which it broke into the servers of an Israeli financing company - KLS Ltd. The group distributed documents of the company's customers on the telegram network, and threatened to publish More information: "Their servers have been shut down, and all the information about their clients is in our hands," they wrote.
Black Shadow stated that they asked for a ransom of about NIS 2 million in Bitcoin, but the company refused. "We inform you of a cyber attack against KLS Capital Ltd., in Israel," they wrote in a statement.

"Their servers have been shut down, and all of their customers' information is in our hands. "After 72 hours of negotiations, they decided not to pay ten bitcoins, and now we want to leak some of the information," it said.
Following this announcement, the burglars began leaking information in a new telegram group, in which they posted photos of checks, passports, identity cards and also training files on the company's internal system. It is possible that they managed to take over one of the company's computers, and from there extract the same details.
The finance company KLS said in response that the national cyber array had warned of the attack about three days ago. "This is an attack similar to many attacks, as part of a series of attacks conducted by Iran on its affiliates against Israeli targets, including companies and government bodies, public and private. full".
The company added that they had "re-installed its servers and the information leak problem was solved. It is not yet known how much information was revealed and the company will be in contact with its customers in accordance with the findings."
The national cyber system announced after the details of the attack that it provided the company with initial assistance to stop it and in an attempt to "steal money from the company as well as prevent further damage." The ministry said KLS "is now using the services of a private cyber company. The system has advised the company to let its customers know that their information may leak to the network. Small businesses also need to take cyberattacks and take responsibility for their customers' information."
On December 1, the insurance company Shirbit announced that the company's website and its servers had been attacked by a group of hackers in a cyber attack in which private information of the customers was stolen. Similar to the break-in today, the identity of the group Black Shado was revealed after its people leaked customer information on the telegram.
The leak included dozens of IDs, driver's licenses, WhatsApp messages, a credit card and sensitive information that included psychiatric assessments to determine disability percentages. Following the affair, the Privacy Protection Authority announced that it had opened an investigation against the company, as part of which it would examine the manner in which Shirvit would protect the personal information of its customers.
Dr. Harel Manshari, one of the founders of the GSS 'cyber system and head of the cyber department at the Holon Institute of Technology HIT, said that "it is quite clear that the attack was not carried out for ransom purposes as the hackers claim, but there are other purposes here. .
"The ransom is a smokescreen just like it was in the hacking story. This attack happened a few days ago, and the company itself announced that three days ago they were approached by the national cyber system and warned that they were on target and that they were trying to break into their servers."