A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran.
According to the indictment published by Israel’s justice ministry, Omri Goren Gorochovsky, a 37-year-old resident of the central city of Lod, was arrested on November 4.
An arrest warrant for Gorochovsky said he had an extensive criminal history, including five convictions and prison time served for various offences including bank robbery, raising questions as to how he was hired to work in the home of one of Israel’s top security officials.
In a separate statement, the Shin Bet domestic security agency said Gorochovsky never gained access to “classified materials” and therefore did not successfully share state secrets.
Gorochovsky and his partner worked as cleaners in Gantz’s home in Rosh Haayin outside Tel Aviv, the indictment says.
Late last month, the Black Shadow hackers claimed a cyberattack targeting an Israeli internet service provider which attracted widespread media attention.
In Gorochovsky’s charge sheet, Black Shadow is described as “affiliated to Iran”.
Following the high-profile cyberattack, Gorochovsky allegedly contacted Black Shadow via Telegram on or about October 31 with an offer to pass information from Gantz’s home.
Using a false name, Israel says the suspect “identified himself as someone working in the home of the Israeli minister of defence, and noted his ability to assist the group in various ways”.
According to the charge sheet, Gorochovsky told a Black Shadow representative that for a “monetary sum” he would convey information via malware that he proposed implanting with a USB device.
– Family photos –
To prove his credibility, the indictment says, Gorochovsky sent photographs of various items in the minister’s house.
Those included Gantz’s work desk, a package with a sticker that contained an IP address, mementoes from Gantz’s previous role as Israel’s armed forces chief of staff, family photos and a property tax payment receipt.
The Shin Bet said the espionage attempt was quickly thwarted, with Gorochovsky arrested just days after he reached out to Black Shadow.
The hacking group, which has not acknowledged any link to Israel’s arch foe Iran, has been blamed for multiple attacks on Israel’s internet infrastructure.
In the most recent case, it obtained the database of the largest Israeli LGBTQ dating site and released sensitive personal data, including HIV status, about as many as a million users.
The group has also penetrated an Israeli insurance firm, stealing a trove of data and leaking it when its demand for a ransom was not met.
Black Shadow hacks are part of a years-long covert war between Israel and Iran including physical attacks on ships and offensive cyber moves online.
The Shin Bet said it had also launched an investigation “in order to reduce the chances of recurrence of these kinds of incidents in the future”.