ADVERTISEMENT

Israel targeted by suspected Iranian threat actor

A new ransomware group that is apparently motivated more by politics than profit has been spotted in the wild by cyber defense company Cyble. Calling itself BlackMagic, it is believed to be linked to Iran and primarily going after companies in Israel.

Both countries flags collaged

Image by Shutterstock

Damien Black
Damien Black Senior Journalist
Dec 7, 2022 Updated: 7 December 2022 2 min read
Screenshot of calling card left by BlackMagic ransomware group
Digital 'calling card' left by BlackMagic in victim computer's folder
ADVERTISEMENT

Bragging rights?

BlackMagic's desktop background installed on victim machines after attack
What passes for the threat group's logo and an apparent list of previous victims is posted on the latest target's computer desktop after data has been encrypted and exfiltrated
ADVERTISEMENT