The CyberAv3ngers, a hacking group, claims to possess and is offering for sale 1TB of data purportedly obtained from Israel’s electricity infrastructure. This alleged breach is part of a series of cyberattacks initiated by the group over the past month. The announcement, made on December 23, 2023, at 10:45 AM, details the sale of Israel’s electricity infrastructure data, priced at 5 BTC for the entire 1TB dataset, with the first 100GB available for 5 BTC.
The post containing this information was shared on the platform “DAILY PARK WEB,” providing a link for interested buyers. The Israel Electric Corporation (IEC) has been approached for official comments regarding the claimed ransomware attack. As of now, no official statement from the IEC has been issued, leaving the authenticity of the ransomware attack unverified.
In response, CyberAv3ngers took to Twitter, affirming their involvement in the attack and challenging those who doubted their actions by stating their intention to reveal supporting documents. The hacker group’s online activity continued on Twitter, issuing warnings and asserting their involvement in attacks on various entities besides the Israel Electric Corporation. Through Twitter, CyberAv3ngers shared intricate details and proof about the cyberattacks, including information related to power plants and critical infrastructure.
However, the veracity of these claims and operations remains unverified. Geopolitical concerns arise from reports by the Cybersecurity and Infrastructure Security Agency (CISA) linking the Iran Revolutionary Guard Corps (IRGC) and its affiliated cyber actors, identified as “CyberAv3ngers,” to the attacks. These actors have targeted Israeli-made programmable logic controllers (PLCs) widely used across industries.
The attacks, ongoing since November 22, 2023, involved defacing compromised devices with anti-Israel messages, expanding the victim scope across multiple U.S. states. Authorities have urged organizations, especially those in critical infrastructure, to implement recommended measures to reduce the risk of compromise from these cyber actors.