BlackShadow is an Iranian-linked hack-and-leak group (linked to the Agrius APT) that targeted Israeli companies including insurance firm Shirbit and hosting provider Cyberserve, leaking medical records of 290,000 patients, using extortion as a tool of geopolitical disruption rather than purely for financial gain.
3Victims
Dec 18, 2021First Discovered
Dec 18, 2021Last Discovered
1597Days Inactive
0%Infostealer
0/1Sites Online
Top Sectors
Financial Services2
Technology1
Known Locations (1)
544corkfh5hwhtn4.onion
Victims (3)
Shirbit Insurance Company
Financial Services
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
K.L.S Capital
Financial Services
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021
CyberServe Company
Technology
Discovered: Dec 18, 2021 · Attack est.: Dec 18, 2021