Suspected Iranian hackers, identified as the group Tortoiseshell, have targeted multiple shipping and logistics websites in Israel, aiming to gather user information. ClearSky, a Tel Aviv-based cybersecurity company, attributes these attacks to Tortoiseshell, which has been active since at least July 2018. The hackers employed a watering hole attack: they compromised websites frequented by the target audience and injected malicious code into them.
The majority of the affected websites have removed the malicious code, but the attack raises concerns about the ongoing cyber conflict between Iran and Israel, with Iranian actors continually enhancing their capabilities.
The cyber conflict between Israel and Iran has intensified over the past two years, with Iranian state-sponsored actors steadily improving their cyber capabilities. While not as advanced as their Russian or Chinese counterparts, Iranian hackers are known to exploit recently disclosed vulnerabilities and employ tailored tools against their targets.