Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

BlackShadow Hackers Extort Israeli Insurance Company For $1 Million

BlackShadow Hackers Extort Israeli Insurance Company For $1 Million

Threat actors are extorting an Israeli insurance company by demanding almost $1 million in bitcoin to stop leaking the company’s stolen data.

On Monday, a cybercrime group calling themselves ‘BlackShadow’ tweeted that they hacked into the Israeli Shirbit insurance company and stole files during the attack.

“A huge cyberattack has been taken place by Black Shadow team. There has been a massive attack on the network infrastructure of Shirbit Company, which is in israel economic sphere,” the threat actors tweeted.

Since then, the threat actors has been steadily leaking the victim’s documents and images on a Telegram channel they created for this purpose. This stolen data includes documents, email PST files, scanned documents, audio recordings, and images of passports.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

Shirbit data leaked on Telegram

Last last night, the threat actors finally posted a ransom demand stating that Shirbit had 24 hours to send 50 bitcoins, or approximately $1 million, and they would stop leaking their data. The attackers warned that they would continue to leak data every 24 hours if they are not paid.

BlackShadow extortion demand

At the time of this writing, the bitcoin address 13YiK3qHxTdGcD6nfCf7vWXFgWXnbpJvy2 has not received any payments.

Security firms warn against ransom payment

Israel cybersecurity firm Profero believes that this ransom demand is nothing more than a publicity stunt and that the attackers have no plans to stop leaking data if paid.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

While attribution for these attacks has not been made, there has been increased cyberattacks between Israel and Iran lately.

In October, a report by Profero and ClearSky Cyber Security details how an Iranian threat actor known as ‘MuddyWater,’ and linked to the IRGC (Islamic Republic Guard Corps), was planning destructive attacks against Israeli interests in September.

It is believed that MuddyWater planned on utilizing phishing emails or exploit the CVE-2020-0688 Microsoft Exchange vulnerability to deploy fake Google Updaters called ‘PowGoop.’ When installed, PowGoop would deploy the Thanos Ransomware (Hakbit) on victim’s devices.

Thanos ransomware is promoted on Russian-speaking hacking forums as a ransomware-as-an-affiliate service (RaaS) where affiliates get a custom ransomware builder. In return, the developers earn 30% of all ransom payments.

The Israeli cybersecurity firms could prevent MuddyWater’s attacks in September, but further cyberattacks have been expected.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us