Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Pro-Hamas group Cyber Toufan claims to have compromised multiple Israeli defence contractors via a third-party supply chain hack.
The Cyber Toufan hacktivist group has posted details of the Australian Defence Force’s Land 400 upgrade program, after claiming to have compromised several Israeli defence contractors.
The hacking group, believed to have links to Iran, shared images and details about the ADF's acquisition of the Redback infantry fighting vehicle. The Redback is being built by Hanwha Defence Australia, with a total program cost of about $7 billion.
“We, in Cyber Toufan, announce that we have hacked 17 institutions and companies that directly and indirectly serve the Zionist defence and military industries, and have obtained tens of terabytes of personal data, administrative and technical documents, audio calls, and video recordings of these criminals,” the hacktivists said in an October 30 Telegram post.
“Some designed the rocket, the UAVs, and the tank, while others participated in making their parts and programming their systems, even transporting them to the battlefield.
“We are talking about systems like the Iron Dome, Laser Dome, David's Sling, and Arrow. About Jericho, Spike, Gabriel, and Sea Breaker missiles. We are talking about Achzarit, the Leopard, and drones, as well as the explosive robots that destroyed Gaza.”
Cyber Toufan claims to have gained access to these companies and their projects via Maya Engineering, an Israeli firm that works closely with the Israeli defence industry.
“One and a half years after gaining full access to the network, we have explored every part of it and reached the QNAP archive. Through the systems, we have breached Elbit and Rafael's through then. Their phones, printers, routers and cameras as well. We have recorded your meetings with sound and video for over a year,” Cyber Toufan said in another post.
“This is just the beginning with Maya!”
Alongside the claims, Cyber Toufan published dozens of security camera recordings and images of Maya’s offices and personnel, alongside security camera images that appear to depict individuals employed by defence contractors Elbit and Rafael, among others.
“Revealed: photos of more than 60 criminals from Elbit, Rafael, IAI, and the Israeli Ministry of Defense, as well as others who think they are unknown,” Cyber Toufan said.
“Some of them have been identified, and the rest are under verification. They have been added to the blacklist. Details of your meetings, designs of weapons, and billion-dollar contracts with foreign companies will also be made available to the public.”
Cyber Toufan also posted a string of images outlining the defence programs it claims to have compromised, including several missile and drone systems, satellite and display systems, and the ADF’s Land 400 program.
The ADF’s Redback AFV is listed by name, alongside images of the vehicle’s Iron Vision system and remotely operated turret and several blueprints of other vehicle components.
“Some weapon designs that we received from Maya, which are manufactured in partnership with various countries and valued at hundreds millions of dollars, part of which has not been released yet,” Cyber Toufan said.
“We might leak some of it when needed... Stay tuned.”
Cyber Daily has reached out to the Department of Defence and Elbit for comment. Hanwha Australia decline to comment on the incident.
Cyber Toufan – also known as Cyber Toufan Al-aqsa – was first observed in November 2023. According to cyber security firm SOCRadar, the group’s sophistication and targeting bear the hallmarks of state-sponsored activity.
“Their rapid rise and effective execution of complex cyber-attacks suggest a level of support and resources that are not typically available to independent hacker collectives,” SOCRadar said in a December 2023 profile of the group.
“Cyber security experts and intelligence analysts have pointed towards potential Iranian backing, given the group’s style, targets, and the geopolitical narrative underpinning their attacks.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
