Pay2Key hackers claim they breached IAI servers
Major defense contractor is the most recent victim in a string of cyberattacks on Israeli companies
Rapahel Kahan and Ynet | 20:10 20.12.2020
Hackers from the Iran-linked Pay2Key group exposed on Sunday a new database of names it claims it stole off servers belonging to Israel Aerospace Industries’ subsidiary Etla Systems. Among the names was Camila Edry, the company’s head of cyber projects development. "IAI might think they have the most protected network, but this should be backed with proof," the hackers wrote teasingly alongside the list.
Pay2Key malware has been used to blackmail several Israeli companies throughout the last two months. Most recently it announced it had breached the servers of Intel owned Habana Labs. The Pay2Key malware is not as sophisticated as the tools used to carry out the massive cyberattack against U.S. targets that has been revealed in recent days. But it should not be taken lightly. According to the group’s pattern of behavior, they will attempt to sell any data they managed to steal back to IAI, and if negotiations break down may try their luck on the open market. Israeli cyber experts estimate that Pay2Key is not officially linked to the Iranian regime, but it is based in Iran or operated by Farsi-speaking hackers. Their actions are believed to be financially motivated, and not for spying or strategic purposes.