In a post on a dark web forum, a threat actor has made allegations of breaching multiple high-profile Israeli organizations, including government institutions and defense contractors. The post lists an extensive set of access points and sensitive data, allegedly up for sale.
According to the post, the threat actor claims to have compromised various Israeli institutions, including the Ministry of Foreign Affairs (MFA), defense contractors like Rafael Advanced Defense Systems, and even intelligence units such as Unit 8200 and Unit 9900. The data offered for sale is said to include:
- Israel MFA Access: Remote Desktop Protocol (RDP) access and SharePoint accounts, reportedly containing more than 370GB of data.
- Mossad Email Server Dump: Alleged 27,000 emails and files dating from 2017 to 2023.
- Rafael Advanced Defense Systems and Elbit Systems Data: Information linked to two of Israel’s most significant defense contractors.
- Israeli Intelligence and Military Units: Alleged data from various military and intelligence bodies, including Unit 8200, Unit 9900, the Israeli Navy, and the Israeli police, along with personal CVs.
- SCADA Access: The post also lists 70 instances of Supervisory Control and Data Acquisition (SCADA) system access, critical for industrial control systems.
- Modem Access: More than 60 compromised Bakarim7 modems.
The post includes a link to a Telegram contact, where potential buyers can supposedly inquire about the purchase of this data.