Defendant in spy house in Ganz and Iranian hackers

The Iranian hackers – and the home of the defense minister: Three weeks after a group of hackers affiliated with Iran known as “Moses Staff” published photos from Defense Minister Bnei Gantz’s home, it was revealed yesterday (Thursday) that a worker at Gantz’s home contacted another group of hackers affiliated with Iran – “Black Shadow” (black shadow) – and suggested to the representative to plant a “worm” on the defense minister’s computer. These are the two groups of hackers who repeatedly attacked Israeli sites in the past month and also came to Beit Ganz, and it is the employee who is accused of spying.

The GSS statement yesterday stated that the detainee is Omri Goren, A 37-year-old resident of Lod, who was employed in housework and cleaning at the home of the Minister of Defense. A Ynet investigation shows that Goren has a rich criminal past, which raises serious questions about the decision to hire him at the Defense Minister’s house.

In 2013, an indictment was filed against Goren for two aggravated robberies, attempted robbery and conspiracy to rob. The indictment alleges that this was a series of planned robberies throughout the country, initiated by Goren and another defendant. Pictures of packages of money on the table were found in his home and in another person’s home. When he heard about the interrogation, Goren fled to the Dead Sea. Following a plea deal with him he was convicted of aggravated robbery in two different offenses and sent to four years in prison. He expressed remorse, then explaining that he was in a difficult family situation.

This was just his last entanglement. Prior to that, he was sentenced in 2010 to 18 months in prison after being convicted of burglary and theft, in 2007 he was convicted of burglary, theft, attempted vehicle theft, conspiracy to commit a crime and more and sentenced to 26 months in prison. For 18 months in prison. Yesterday, and following the charge of espionage, Goren’s detention was extended until a different decision is made.

According to the indictment, for several years Goren and his partner worked in housework and cleaning at Ganz’s home. Following the reports of cyber attacks carried out by hackers affiliated with Iran, Goren decided to contact Black Shadow and offer to pass on information from the Defense Minister. Goren located, using the Telegram app, the address of the hacker’s representative and contacted him under a false identity. He introduced himself as working for the defense minister, noting that he could help the group in various ways. He added that for a sum of money he would be able to transfer information from home and even suggested that a “computer worm” be transferred to him, which he would plant on Ganz’s computer.

In order to prove his abilities, during the month Goren photographed several items in the minister’s house and sent them to the group’s representative by telegram. Among the items photographed: a desk, computers, a telephone, a tablet, a box with a label with IDF affiliation details and serial numbers, a box with a sticker with an IP address, a closed safe and a grinding machine, military souvenirs given to the minister in his previous position as chief of staff, framed photos of The Minister and his family, a bill to pay the Minister’s property tax and more.

“Black Shadow” It made headlines late last year, when it broke into the information systems of the insurance company Shirbit and stole a lot of information about its customers. Although the hacker group is affiliated with Iran, there is no consensus on this issue in the cyber community, and there are different opinions about its origin.

Last month, the same group broke into the servers of the Israeli company Cyberserve on which dozens of sites sit, with the main victim of the attack being the LGBT dating site Atref, which leaked intimate details of its users as part of the attack. Personal.

In the cyber hack into Cyberserve, the group also released information about customers of other companies – including the transport company “Dan”, the children’s museum, the organized travel company “Pegasus”, the blog of the public broadcasting corporation “Here” and more. In addition, it also broke into the Moore Institute’s systems and, among other things, leaked some 290,000 records containing patient details at the institute, including blood tests, CT scans, vaccinations, gynecologist appointments and many other documents. At the beginning of the month, the hackers offered for sale credit card details of about 10,000 Israelis.

But the photos published from Gantz’s house were allegedly distributed by another group of hackers affiliated with Iran. “Moshe’s headquarters“. Last month she posted pictures of the defense minister, threatening to keep him under surveillance.” We know all your decisions, “they wrote to Gantz,” hit where you will not think. We have confidential documents from the Ministry of Defense and Bnei Gantz. We have news, reports, operational maps, information on the potential of units and forces and letters. We will publish this information to inform the whole world about your crimes. ”

Along with Gantz’s photos, “Mata Moshe” published a series of leaks from databases with details of hundreds of thousands of Israelis, they claimed that these were data taken from Israel Post computers and a number of private companies. She later claimed to have broken into three Israeli engineering companies – HG M Engieening, David Engineers and Ehud Leviathan Engineering. “We have all the data and projects of these companies, including maps, photos, letters, contracts and more. These companies’ data will be published gradually,” threatened and disseminated engineering drawings, building simulations and personal details of customers.

Goren, as stated, turned to the “Black Shadow” representative according to the indictment. According to the GSS, in view of the information security procedures and procedures in the Defense Minister’s house, Goren was not exposed to classified materials, and accordingly there were no such materials transferred from him to those with whom he contacted. “Research regarding the examination processes, with the aim of reducing the possibility of recurrence of such cases in the future.”

The Gantz family chose and employed Goren directly and not through a contractor from the time Gantz was a citizen, between the chiefs of staff and politics. Two days after Goren turned to the Iranians he was arrested and questioned following the incident. It is absolutely clear that Goren was not allowed to be employed in his role as cleaner of the family home.