Suspected Iranian state-backed hacking group Cyber Toufan has taken credit for compromising dozens of organizations across Israel in late November amid the ongoing Israel-Hamas war, according to The Record, a news site by cybersecurity firm Recorded Future.
Data exfiltrated across 60 sites, including those of foreign firms with businesses in Israel such as Toyota, IKEA, and SpaceX, was exposed by Cyber Toufan last week, with the pro-Palestinian hacking operation denying that all leaks stemmed from the Signature-IT hack as claimed by Check Point researchers.
"We will be releasing more behind the scenes of the operation once the month of leaks completes," said Cyber Toufan.
While uncertainties regarding the origins of Cyber Toufan remain, cybersecurity researcher Kevin Beaumont noted the group's "well organized and disruptive" nature.
"They are not a lame [distributed denial-of-service] group, nor are they doing financial extortion. They are wiping large numbers of organizations. I have spoken to a few of the named victims and they are still offline weeks later with limited recovery options as backups were erased," Beaumont added.
Ukraine has been targeted by Russian threat actors in the new Operation Texonto disinformation campaign that also involved spear-phishing and credential exfiltration tactics, according to The Hacker News.
Record-high ransomware and data extortion incidents experienced by Western nations last year have prompted former National Security Agency Director Michael Rogers to call for a reevaluation of their cybersecurity defense strategy.