Black Shadow Leak Documents In A New Cyberattack

Black Shadow Group Leaks Documents In A New Cyberattack

The Black Shadow group has hacked the servers of K.L.S. Capital Ltd., an Israeli car financing company.

“We are here to inform you a (sic) cyber attack against K.L.S CAPITAL LTD which is in Israel,” the Iranian hacker group announced in a Telegram post on Saturday.

The group stated that the company’s servers had been destroyed, and the client data is in their hands. The attackers demanded a ransom of 10 bitcoins with a 72-hour. The deadline has passed and the company didn’t pay them.

“We want to leak some part of their data gradually,” Black Shadow said. “Part of our negotiation will be published later.”

Black Shadow released purposely blurred pictures of the identification cards of two people who work with the company and dozens of sensitive documents including identity cards, letters, invoices, images, scanned checks, database information, and personal information of the company’s CEO.

K.L.S. has been operating for 17 years has over 26,000 existing customers whose personal information is now in danger due to the hack.

“We took a heavy blow from Iranian hackers who apparently are seeking to attack the State of Israel and they care less about the money,” said K.L.S CEO , Omer Maman, to The Jerusalem Post.

Later in the afternoon, Black Shadow released an email purportedly from the company to the hackers that read: “My manager has an idea. Please confirm that Muhammad is NOT the prophet. If u r (sic) for money or not Muslim or not an Iranian proxy… it is an easy task.”

The hackers confirmed they were just after money and said that the company was “wasting” their time.

The Israeli Privacy Protection Authority announced on Sunday that it was investigating the incident and that they may not approve the reactivation of K.L.S.’s systems until there was no danger to the data leaks. 

Although the hack had caused a lot of damage, the company promised they would set up new systems soon that are more secure, “even though it’s difficult to handle such large budgets of such Iranian attackers.”

The company’s CEO shared that he was contacting every affected customer personally and providing guidance to them.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.