Cybersecurity

CyberAv3ngers Offers 1TB of Alleged Israeli Electricity Data for 5 BTC

CyberAv3ngers hacker group claims to possess and be selling 1TB of data from Israel’s electricity infrastructures. This alleged IEC data breach is just one of the attacks listed by the hacker group as these attacks started last month.

The cybercriminals, operating under the alias CyberAv3ngers, posted a message on Saturday, December 23, 2023, at 10:45 AM, declaring the sale of Israel’s electricity infrastructure data. The asking price for the entire 1TB dataset is set at 5 BTC (Bitcoins), with the first part of 100GB available for 5 BTC. 

The post, shared on a platform named “DAILY PARK WEB,” includes a link for interested parties to access more information and make purchases.

IEC Data Breach and Cyberattack on Israel’s Electricity Infrastructures

IEC Data Breach
Source: Twitter

The Israel Electric Corporation (IEC) has been approached by The Cyber Express for official comments regarding the alleged IEC ransomware attack. As of the time of writing, no official statement or response from the IEC has been received, leaving the claims surrounding the IEC ransomware attack unverified.

In response to the looming uncertainty, the CyberAv3ngers hacker group took to Twitter, asserting their involvement in the IEC ransomware attack. In a tweet, the group stated, “If you remember, some people claimed that our attack on Israel’s electricity infrastructure was a lie! Today we will unveil some documents that show who is lying and who is telling the truth!”

The hacker group continued its online activity, issuing warnings with tweets such as “Don’t sleep too much at night.” Notably, the Israel Electric Corporation is not the sole alleged victim of CyberAv3ngers, as the hacker group claims to have targeted other entities as well.

CyberAv3ngers Cyberattacks and New Operations

CyberAv3ngers Cyberattacks
Source: Twitter

Using Twitter as their source of communication, CyberAv3ngers shared a “Proof Of Concept!” in two parts, providing intricate details about “Combined Cycle Gas Turbine – CCGT,” aerial maps of power plants, blueprints of power supply, and other critical information. However, the authenticity of these claims and the operations still await verification.

Cyberattack on Israel's Electricity Infrastructures
Source: Twitter

The situation takes a geopolitical turn with previous reports from the Cybersecurity and Infrastructure Security Agency (CISA), indicating that the Iran Revolutionary Guard Corps (IRGC) and its affiliated cyber actors, using the moniker “CyberAv3ngers,” have been actively targeting and compromising Israeli-made Unitronics Vision Series programmable logic controllers (PLCs).

These PLCs, widely used in various industries, including energy, food and beverage manufacturing, and healthcare, have been exploited since at least November 22, 2023. The IRGC-affiliated cyber actors left a defacement image on compromised devices, stating, “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers’ legal target.”

The scope of victims extends across multiple U.S. states, prompting the issuing agencies to urge all organizations, especially those in critical infrastructure, to implement recommended mitigations to reduce the risk of compromise from these IRGC-affiliated cyber actors.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.