Technion – Israel Institute of Technology is Israel’s top technology research university and a leading center for cyber security education. A new anti-Israel threat actor calling itself DarkBit is claiming responsibility for the ransomware attack that breached the Institute on Sunday, February 12, 2023.
The DarkBit group is demanding 80 Bitcoin for decryption, but experts pointed out that the hacker crew appears to be politically motivated and it’s unlikely they would give out a decryption key even if demands are met.
“We hacked #Technion, the technological core of an apartheid regime. They should pay for their lies and crimes, their names and shames. They should pay for occupation, war crimes against humanity, killing the people (not only the Palestinians’ bodies, but also Israelis’ souls) and destroying the future and all dreams we had. They should pay for firing high-skilled experts. Say goodbye to your security if you support or have any kind of collaboration or partnership with Israel, or you pay its expensive price.” reads the message published by the group in its Telegram Channel.
The ransom note is written using an English translator, VX-underground researchers noticed.
Darkbit is threatening to raise the amount by 30% if Technion refuses to pay the demanded sum within 48 hours.
Army Radio said that all exams would be postponed pending resolution of the security breach, The Jerusalem Post reported.
Israeli authorities launched an investigation into the incident, the Israel National Cyber Directorate (INCD) said it is “in touch with the Technion to get a full picture of the situation, to assist with the incident and to study its consequences.”
“The field of higher education has been a central target for cyber attackers, with the INCD identifying 53 [serious] incidents of such attacks in 2022, most of which were prevented,” said the authority.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Israel Institute of Technology Technion)