BlackShadow is an Iranian-linked hack-and-leak group (linked to the Agrius APT) that targeted Israeli companies including insurance firm Shirbit and hosting provider Cyberserve, leaking medical records of 290,000 patients, using extortion as a tool of geopolitical disruption rather than purely for financial gain.
3Victims
Dec 18, 2021First Discovered
Dec 18, 2021Last Discovered
1643Days Inactive
0%Infostealer
0/1Sites Online
Top Sectors
Financial Services2
Technology1
Known Locations (1)
544corkfh5hwhtn4.onion
Victims (3)
Shirbit Insurance Company
Financial Services
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
K.L.S Capital
Financial Services
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
CyberServe Company
Technology
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
Don't let email issues hurt your business reputation.
Our cybersecurity team helps you fix SPF, DKIM, DMARC and protect your sender reputation. Get a free 30-minute consultation with a security expert.