Multiple sources have reported that Iranian threat actors have been identified as being responsible for the two recent ransomware waves targeting Israeli companies. These ransomware attacks targeting Israeli targets have been happening since mid-October, and have intensified this month. There have been Israeli companies of all sizes targetted by the attacks, with the actors using Pay2Key and WannaScream ransomware strains in these attacks.
In these attacks, hackers have breached corporate networks, encrypted files, stolen company data and asked for large payouts to deliver a decryption key in order to stop such attacks. The Pay2Key attacks are unusual because, unlike other ransomware operations, the Pay2Key attacks have repeatedly focused on infecting Israeli companies. The WannaSceam attacks on the other hand are more common worldwide.