Personal information of Israel’s military soldiers and security agency Shabak was put on sale on the dark web. A hacker forum user named Blackfield was witnessed selling Israeli military data on RAMP. RAMP is a Russian-language dark web platform. The Israel military data sale remains unverified however, if true, the data of Israeli soldiers could make hacking classified and sensitive data possible for other cybercriminals.
The Israeli military data sale could also be a gimmick to make instant money keeping the current Israel-Hamas war in mind. Soldiers are entrusted with data that they use for various service-related tasks. It could include data related to arms and ammunition, military bases, and contact information of team members apart from their own login credentials.
Such data might be of use to hackers who have come forward in support of either of the warning regions or nations.
Shabak, and Israeli Military Data on Sale
Blackfield claimed to have ‘personal data’ from Shabak which is an Israeli Security Agency with worldwide operations. “We have data of hundreds of IDF soldiers & some of Shabak members,” the post about the Israel Defense Forces (IDF) data sale read.
The data had phones, photos, personal information, and access to soldier’s social media accounts, the Israel Defense Forces data sale post further added.
The data along with access to accounts was offered for a price of ‘15k,’ noted the Israeli soldier data sale post.
The post ended with a note hinting at the next sale from a US entity. “Note: USA Expect Us,” it read.
How the hacker forum user Blackfield found data from the Israel Defense Forces was not noted on RAMP. Nor can all the data sale claims be trusted. Hacktivists have been claiming DDoS attacks on Israel, Palestine, Ukraine, and Russia, more so, after the Hamas attacks on Israel.
However, DDoS attacks usually disrupt services and are not used as a means to pilfer system data. Cybercriminals are regularly found claiming cyberattacks on organizations belonging to war-ridden nations. It is common for ransomware groups to openly release exfiltrated data after failed ransom negotiations, on the dark web which is further misused by other criminals.
It is likely that hacker forum users and traders pick from the released data and make use of it.
Recently, the cybercriminal RansomedVC made a post seeking access to Iran, Gaza, and Palestine. In the wake of the Israel-Palestine conflict, such dark web updates could point toward malicious misuse of sensitive data.
After the Hamas attack on Israel last Saturday, militants took nearly a hundred individuals away as hostages. This may include military personnel from Israel besides women, and children. The details known to any Israeli military personnel would be of use to the attackers.
It Is unlikely that they might not have inflicted atrocities on the soldiers if any, to retrieve sensitive military data from them. The data floating on the data web could well be a ploy to trick buyers or official records forcefully taken from the hostages and their devices.
Meanwhile, Hamas has declared that they will execute one hostage for each airstrike that kills civilians.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
