At Hackmanac we have been classifying and analyzing cyber attacks for over 11 years, and historically, the threat of ransomware has always been used for Cybercrime purposes to provide economic benefits to attackers.

But, for the first time we came across a ransomware being used for Information Warfare purposes.

Soldiers of Solomon group

Soldiers of Solomon is a group long engaged in Information Warfare operations on behalf of Palestine.

The recent cyber attack

The group recently announced that it has exfiltrated and encrypted with ransomware 25 TB of data from the Nevatim military zone in Israel.

In its assertions, the group claims to have gained complete control of more than 50 servers, including security cameras and the area’s smart city management system. 

Nevatim Air Base also hacked

They also claim to have acquired detailed information about personnel and their respective families at Nevatim Air Base.

In support of their statements, they provided screenshots, video recordings and other relevant images of the base.

More details on an underground forum

Details of the attack were disclosed on an underground forum.
The forum post mentioned the use of Crucio, a custom ransomware, which raises suspicion that the group used RaaS (Ransomware as a Service).

Although this is the first attack of its kind, we suspect that it will not be the last.

Stay Cyber Safe!