Fraud Management & Cybercrime , Ransomware

Israel's Technion University Under Ransomware Attack

Attackers Demand 80 Bitcoins, Threaten to Put Data Up for Sale If Demands Not Met
Israel's Technion University Under Ransomware Attack
Image: Shutterstock

A previously unknown, self-proclaimed politically motivated hacking group disrupted Israel's Technion University following a Sunday ransomware attack.

See Also: The Cost of Underpreparedness to Your Business

Attackers using the name "DarkBit" took credit for the attack in a Telegram post accusing Technion of serving as "the technological core of an apartheid regime."

The Jerusalem Post reported that exams at the university are postponed pending resolution of the attack. The world-renowned university's Twitter feed stated Monday morning that some systems, including email and videoconferencing, are gradually returning to normal.

DarkBit claimed the infected files are encrypted using the AES-256 algorithm.

The group demanded 80 bitcoins - approximately $1.75 million - for a decryptor key and gave a deadline of 48 hours, after which DarkBit says it will raise its extortion demand by 30%. The group threatens to post stolen data for sale after five days if it doesn't receive a ransom.

The messaging in the ransom note is highly political and takes an anti-Israel stance. DarkBit's own tweets suggest personal animus as a motivator as well: "Be more careful when you decide to fire your employees, specially the geek ones," reads on Sunday afternoon missive.

The Israel National Cyber Directorate is "in touch with the Technion to get a full picture of the situation, to assist with the incident and to study its consequences," an INCD spokesperson told The Jerusalem Post.

"The field of higher education has been a central target for cyberattackers, with the INCD identifying 53 [serious] incidents of such attacks in 2022, most of which were prevented," the spokesperson said.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.