Israel charges Defense Minister’s house cleaner with leaking data to Iranian hackers
Image: Taylor Brandon
Catalin Cimpanu November 19, 2021

Israel charges Defense Minister’s house cleaner with leaking data to Iranian hackers

Israel charges Defense Minister’s house cleaner with leaking data to Iranian hackers

Israel has detained a man who worked as the personal house cleaner for the Defense Minister and charged him with leaking his employer’s photos and personal details to a group of Iranian hackers known as Black Shadow.

The suspect, named Omri Goren Gorochovsky, 37, was detained earlier this month, on November 4, according to court documents obtained by The Record.

Authorities said Goren worked as a cleaner in the personal home of Defense Minister Benny Gantz since June this year.

In late October, officials said that Goren saw articles in Israeli media about hacks carried out by the Black Shadow group.

In an attempt to make money, authorities said Goren sought out the hackers and reached out via their official Telegram channel from his personal smartphone.

Goren gave the hackers a fictitious name but identified himself as someone who worked in the Minister’s house. He offered to provide the hackers with access to the Minister and even offered to install malware on the official’s personal computer via a USB device.

Israeli investigators said that initially, the hackers did not believe Goren’s claims. To prove his claims, Goren took several images from inside Gantz’ house and shared them with the hackers on their Telegram channels. According to the indictment, these included images of the Minister’s:

  • Desktop, computers, phone, and tablet.
  • A box with a label with IDF affiliation details and serial numbers.
  • A case that had a sticker with an IP address.
  • A safe and grinding machine.
  • Military souvenirs given to the Minister in his previous position as chief of staff.
  • Framed pictures of the Minister and his family.
  • Documents showing the Minister’s property tax payments.

Authorities said that after sending the files, Goren deleted the photos from his phone in an attempt to hide his actions, along with the entire Telegram conversation.

Days later, the Minister’s photos leaked via a website called Moses Staff, believed to be operated by a different hacking group.

Gantz-leak
Image: The Record

Goren was detained days later by Israel’s internal security service, the Shin Bet, after the Minister’s data leak made headlines in Israel and triggered an investigation.

A subsequent investigation also found that Goren, who had worked as a house cleaner for years before the Gantz incident, had a criminal history, being convicted in five other cases, even service prison for four, including for burglary and bank robbery.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.