Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

Presumed Cyber Attack on Zerto: Not for Financial or Espionage Purposes but for Political Reasons

Pietro Melillo : 24 June 2024 14:41

Recently, Handala, a malicious actor, posted on a well-known dark web forum, claiming a cyber attack against Zerto, a subsidiary of Hewlett Packard Enterprise (HPE). Zerto is renowned for its advanced solutions for disaster recovery, ransomware resilience, and workload mobility, specifically designed for virtualized infrastructures and cloud environments.

Handala (threat actor) attacked Zerto (one of the largest Zionist cybersecurity companies in the world).
Zerto, a Hewlett Packard Enterprise company, enables customers to manage always-on business by simplifying the protection, recovery, and mobility of on-premises and cloud applications. Zerto’s cloud data management and protection platform eliminates the risks and complexity of modernization and cloud adoption through private, public, and hybrid implementations.

The software-only platform uses continuous data protection at scale to converge disaster recovery, backup, and data mobility. Zerto is trusted by over 9,500 customers globally and powers offerings for Microsoft Azure, IBM Cloud, AWS, Google Cloud, Oracle Cloud, and more than 350 managed service providers. Zerto provides backup and recovery for SaaS applications like Microsoft 365, Dynamics 365, Azure Active Directory, Salesforce, Google Workspace, and more. This company has over $300 million in revenue!

These foolish Zionists can’t even provide their own cybersecurity; do you really think they can provide it to you? It’s ridiculous! 51 TB of data downloaded and deleted! Some emails sent…

The Handala Hacker Collective

Acquista il corso Dark Web & Cyber Threat Intelligence (e-learning version)
Il Dark Web e la Cyber Threat Intelligence rappresentano aree critiche per comprendere le minacce informatiche moderne. Tra ransomware, data breach e attività illecite, le organizzazioni devono affrontare sfide sempre più complesse per proteggere i propri dati e le infrastrutture. Il nostro corso “Dark Web & Cyber Threat Intelligence” ti guiderà attraverso i meccanismi e le strategie utilizzate dai criminali informatici, fornendoti competenze pratiche per monitorare, analizzare e anticipare le minacce.

Accedi alla pagina del corso condotto dall'Prof. Pietro Melillo sulla nostra Academy e segui l'anteprima gratuita.

Per un periodo limitato, potrai utilizzare il COUPON CTI-16253 che ti darà diritto ad uno sconto del 20% sul prezzo di copertina del corso
Per ulteriori informazioni, scrivici ad [email protected] oppure scrivici su Whatsapp al 379 163 8765 

Supporta RHC attraverso:


Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo

Handala is a pro-Palestinian hacker group known for its targeted attacks against Israeli entities and their allies. This group has gained notoriety for several high-profile operations, including sending threatening messages to Israeli citizens and claiming to have compromised Israel’s radar systems and Iron Dome missile defense. Handala’s attacks are often politically motivated, aimed at spreading political messages and destabilizing critical infrastructures.

Recently, Handala claimed an attack on the messaging app Viber, stating they had stolen 740 GB of data, including source code and other sensitive information. The group also demanded a ransom of 8 Bitcoin, equivalent to approximately $583,000, for the release of the stolen data.


Handala uses various advanced attack techniques, including phishing and SQL injection, to compromise their victims. Their activities are primarily motivated by support for the Palestinian cause, and they continue to target various sectors, including infrastructure, technology companies, and Israeli defense systems.

Motivations for the Attack

The malicious actor stated that the attack was not carried out for financial gain or industrial espionage but for political reasons.
“These foolish Zionists can’t even provide their own cybersecurity; do you really think they can provide it to you? It’s ridiculous!”
This statement highlights a growing trend of cyber attacks motivated by ideological causes rather than economic interests.

Impact of the Attack

The malicious actor’s post claims that 51 terabytes (TB) of data were stolen and subsequently deleted. This volume of data represents a significant amount of information, which could include:

  • Sensitive Customer Data: Backup information, disaster recovery configurations, and ransomware resilience plans.
  • Intellectual Property: Source codes, algorithms, and other intellectual properties developed by Zerto.
  • Operational Data: Details about Zerto’s internal operations and IT infrastructure.

The malicious actor shared a Telegram channel in the post, likely used to disseminate further details about the attack and possibly coordinate further actions. The inclusion of an image related to the attack adds an additional layer of credibility to the claim.

Conclusion

The attack on Zerto serves as a severe warning to all companies operating in the cybersecurity and cloud computing sectors. The political motivation behind the attack adds a complex dimension to cybersecurity, requiring more sophisticated defense strategies and greater awareness of threats.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"