A hacking collective identifying as APTiran has allegedly launched a significant cyber campaign against Israel, claiming to have breached government, academic, and other critical infrastructure. In a series of online posts, the group cited the ongoing geopolitical conflict as their motive, stating the attacks are retaliation for Israeli military actions. The targeted entities, including government ministries and universities, are fundamental to Israel’s national security and civil society, making the alleged breaches a serious national concern.
The group claims to be using destructive, “one-way” ransomware attacks with strains like ALPHV and LockBit, suggesting their goal is to cause widespread disruption rather than seek a payout. The attackers have also allegedly targeted hospital servers and financial sector systems. As part of their campaign, the hackers have threatened to turn infected devices belonging to government entities and ordinary citizens into a large-scale “zombie” network.
The group allegedly leaked vast amounts of sensitive data to substantiate their claims, including:
- Over 350,000 login credentials for Israeli government (
.gov.il) systems. - Approximately 300 databases allegedly exfiltrated from Israeli servers.
- Numerous login credentials for various Israeli academic (
.ac.il) institutions.
