The threat actor group that goes by the name Black Shadow has hacked into the Israel-based company L.L.S Capital, a financing company. In an announcement posted to the Telegram platform on Saturday, March 13th, the group stated they would begin to slowly leak some documents from the company as proof and as a way to entice the company to pay the ransom. Black Shadow requested a ransom of ten Bitcoins from the company. The company has over 26,000 clients who are all at risk of having their data leaked if the company does not pay the ransom. The CEO of the company stated they are working to identify the magnitude of the attack and alerting all affected customers.
This is the second attack since December that Black Shadow has targeted an Israeli-based company. Previously, it was believed that the group was Iranian and was using these attacks for cyber-terrorism, but those claims have been refuted. It is likely that the group is Iranian but it appears to be focused on financial profit rather than cyber-terrorism goals. It is unclear at this time how the attackers gained access to the company’s network. Companies should ensure that they have the proper defenses in place to prevent threat actors from breaching their systems. Organizations should make sure they are storing customer data properly and are utilizing a monitoring service such as Binary Defenses Security Operations Task Force that works 24/7 to monitor their endpoints for any signs of intrusions or attacks.
More can be read here: https://www.jpost.com/jpost-tech/israeli-car-financing-company-hacked-private-information-held-for-ransom-661865?&web_view=true