Ransom fail: Iranian hackers leak trove of Israeli LGBTQ dating app data

Iranian Hackers Leaked Private Messages and sensitive data of 690,000 Israeli LGBTQ Dating App Atraf Users After $1 Million Ransom is Denied.

An Iranian hacking group was denied its ransom demand worth around $1 million, after which it released sensitive private data of countless users of Atraf, an Israeli LGBTQ dating site.

The group, known as Black Shadow, obtained the data after hacking an Israeli hosting service called CyberServe, and the company refused to pay the ransom.

What Happened?

According to The Jerusalem Post, Black Shadow posted personal information of 1,000 Atraf app users and tens of thousands of users of other Israeli websites that the group had hacked previously because the company didn’t meet their demand of $1 million.

48 hours ended! Nobody sends us money. This is not the end, we have more plan,” the group stated.

What was Data Exposed?

Reportedly, Black Shadow first hacked into CyberServe, which hosts the servers for Atraf and other affected sites. Atraf, a Hebrew word that means craziness, is a Tel Aviv-based gay dating website launched in 2002.

The hackers then posted alleged screenshots depicting a representative agreeing to pay them $500,000. However, CyberServe denied having this agreement with the hackers.


Afterward, Black Shadow leaked detailed medical records of an Israeli hospital, Machon Mor institute, exposing records of 290,000 patients. The exposed data included:

  • CT scans
  • Blood tests
  • Treatments
  • Ultrasounds
  • Vaccinations
  • Colonoscopies

Then the group uploaded information from the dating app, which included ticket purchases, members’ names, HIV status (in some cases), location, and private chats. They also threatened the company to expose information of 50 Israeli celebrities and leak their videos.

However, Atraf didn’t oblige. Currently, the Atraf app and website both are offline. The data was then leaked on the group’s official website and Telegram channel. According to’s analysis, the full set of leaked Atraf data includes:

  • IDs
  • Interests
  • Nickname
  • Usernames
  • Addresses
  • Phone numbers
  • Email addresses (691,000)
  • Plain text passwords

One of the leaked files also included payment card data such as CVV codes, card type, and expiry data in plain text. However, no card numbers were found.

Screenshot from the leaked data (Image:

It is worth noting Black Shadow is the same group that hacked Israeli insurance firm Shirbit in December 2020. The group also leaked sensitive company’s and its customers’ data online.

As for the latest hack, Atraf published a post on Facebook explaining that it had contacted government authorities and regarded it as a blackmailing attempt.

“We alerted the authorities in the state of Israel about the intention of the hackers to publish the records and asked for the immediate removal of the Telegram accounts. The motive of the terrorist group is not economic but national, so we are following the directives of the [National Cyber Directorate],” the messages read.

To Top

Pin It on Pinterest

Share This