Insights, news, education and announcements from PolySwarm

Pro-Palestine Group Targets Israeli Chemical Sector

Written by The Hivemind | Feb 17, 2023 7:24:12 PM

Verticals Targeted: Chemical

Executive Summary

A recent hacking campaign targeted Israeli chemical sector companies operating in the occupied territories. The threat actor group Electronic Quds Force is responsible for the campaign. This threat bulletin is provided for situational awareness.

Key Takeaways

  • A recent hacking campaign targeted Israeli chemical sector entities operating in the occupied territories. 
  • The threat actors posted messages on Telegram threatening the company’s employees and suggesting they had hacked the company’s ICS. 
  • The campaign was perpetrated by a politically motivated threat actor group known as the Electronic Quds Force.
Background

A recent hacking campaign targeted Israeli chemical sector entities operating in the occupied territories. The threat actor group Electronic Quds Force is responsible for the campaign. The threat actors reportedly threatened the company’s employees, urging them to resign. The campaign appears to be politically motivated, with the threat actors retaliating against Israel’s government and its position toward Palestine.

The threat actors posted a message to a Telegram channel, warning the targeted company's employees to leave their jobs and that their work in the chemical factories is a threat to their lives. The threat actors threatened they would not hesitate to “melt your bodies with chemicals the next time an act of violence is performed against Palestinians.” They also posted images of a hacked industrial control system (ICS) allegedly belonging to one of the targeted companies. This implies the threat actors may have access to a means to disrupt industrial control systems at the company, creating a dangerous situation for employees.

Who is Electronic Quds Force?

Electronic Quds Force appears to be a pro-Palestine hacktivist group. The name Quds Force refers to one of the branches of Iran’s Islamic Revolutionary Guard Corps (IRGC), which specializes in asymmetric warfare and military intelligence. The real Quds Force is affiliated with extremist groups operating in the Palestine and Gaza Strip region, including Hamas and the Islamic Jihad Movement in Palestine. There is currently no indication that the Electronic Quds Force is in any way affiliated with these organizations. It is also unknown whether the Electronic Quds Force is affiliated with the Gaza Cyber Gang (Molerats), a Palestinian threat actor group known for politically motivated cyberattacks on targets in the Middle East. Our analysts assess with a low degree of confidence that the Electronic Quds Force is merely a hacktivist group.



Don’t have a PolySwarm account? Go here to sign up for a free Community plan or to subscribe.

Contact us at hivemind@polyswarm.io | Check out our blog | Subscribe to our reports