Shin Bet exposes Iran’s cyber plot: 200 attacks aimed at assassinating Israeli officials
Shin Bet exposes Iran’s cyber plot: 200 attacks aimed at assassinating Israeli officials
Phishing campaign aims to gather critical personal data for large-scale killings of top figures in Israel.
Iran has attempted 200 cyberattacks targeting senior Israeli officials and public figures in recent months as part of the initial phase of an assassination operation, the Shin Bet revealed Monday.
Since the October 7 Hamas terror attacks, Iran and its proxies have launched extensive cyber operations against Israeli targets. These efforts were aimed at disrupting and disabling critical infrastructure, extracting sensitive information from civilian and security institutions, and spreading fear, panic, and division among the public by disseminating misleading and divisive information on social media.
However, the operation revealed today by the Shin Bet highlights a series of cyberattacks with a distinctly different objective—these were the preliminary steps in a more complex plan to carry out large-scale assassinations within Israeli territory. According to the Shin Bet, Iran has been running a phishing campaign targeting senior security officials, politicians, academics, media figures, journalists, and other civilians in recent months.
The attackers sought to compromise the computers, smartphones, and email accounts of their targets to extract personal information such as physical addresses, social connections, and frequented locations. The ultimate aim was not merely to obtain information but to use it for orchestrating assassination operations against these individuals through squads recruited by Iran within Israel. In recent months, the Shin Bet and police uncovered nine separate cases of Israelis being recruited by Iran to carry out various missions.
The Shin Bet identified approximately 200 such attempted attacks. The Iranian hackers typically approached their targets via personal messages on WhatsApp, Telegram, or email, presenting tailored cover stories aligned with the targets’ professional or personal activities.
The goal of these messages was to persuade the victims to either download a malicious application onto their devices—granting the attackers access to their computers or smartphones—or to visit a spoofed website impersonating a legitimate email service. On these fake sites, the victims might inadvertently provide their personal or corporate email credentials. Either action would enable the attackers to infiltrate the victim's email accounts or devices and access all stored information.
After detecting this campaign and conducting a comprehensive investigation, the Shin Bet identified the individuals targeted by Iran and informed them about the attempted attacks.
“This is another significant threat in Iran's ongoing campaign against Israel, aiming to carry out assassination operations,” a Shin Bet official stated in a press release. “We urge the public to remain vigilant, as such cyberattacks can often be prevented through awareness, caution, suspicion, and appropriate online behavior. The Shin Bet, in coordination with Israel’s security agencies, will continue to identify Iranian activities and thwart them proactively.”
