Iranian cyberattack targets Israelis, leaking personal information

Personal information leaked by the hackers included photos of ID cards and resume files, among other information.

 A smartphone with a displayed Iranian flag with the word "Cyberattack" and binary codes over it is placed on a computer motherboard in this illustration taken February 23, 2023. (photo credit: DADO RUVIC/REUTERS)
A smartphone with a displayed Iranian flag with the word "Cyberattack" and binary codes over it is placed on a computer motherboard in this illustration taken February 23, 2023.
(photo credit: DADO RUVIC/REUTERS)

An Iranian cyberattack targeting Israeli jobseekers was uncovered by the National Cyber Directorate on Thursday, with the directorate warning that the hackers were leaking the personal information of the people targeted.

The attack was carried out by sending fake messages to job search website users pretending to be official messages from the websites. The messages include a malicious link which opens a browser tab containing code which attempts to turn on the device's camera and a fake login page which records the target's login information.

The National Cyber Directorate noted that the messages include typos and the link is slightly different than the official website's URL, using a ".com" instead of ".co.il."

Personal information leaked by the hackers includes photos of ID cards and resume files, among other information.

The Directorate provided relevant websites with the information necessary to examine their computer systems to uncover if the cyberattack targeted them.

 Projection of cyber code on hooded man is pictured in this illustration picture (credit: REUTERS)
Projection of cyber code on hooded man is pictured in this illustration picture (credit: REUTERS)

Privacy Protection Authority urges job search website users to be careful

Israel's Privacy Protection Authority called on job search website users to exercise caution when receiving messages from contacts they don't know and to immediately change the password they use for such websites.

"It is important to be highly alert for attempts at further attacks through phishing in text messages (WhatsApp, SMS, etc.) and e-mail," said the Authority. "As a precaution, it is always recommended to enter the required service by typing the URL yourself and not by using a link."

In late July, the Shin Bet announced that it had detected an attempt by Iran to collect information from Israeli researchers and civil servants using a phishing campaign involving fake LinkedIn profiles.