November 18, 2021
A man employed as a cleaner in the home of Israeli Defense Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hacking group which is purportedly linked to Iran.
According to the indictment published by Israel’s justice ministry, Omri Goren Gorochovsky, a 37-year-old resident of the central city of Lod, was arrested on November 4.
An arrest warrant for Gorochovsky said he had an extensive criminal history, including five convictions and prison time served for various offenses including bank robbery, raising questions about how he was hired to work in the home of one of Israel’s top security officials.
In a separate statement, the Shin Bet domestic security agency said Gorochovsky had never gained access to “classified materials” and therefore did not successfully share state secrets.
Gorochovsky and his partner worked as cleaners in Gantz’s home in Rosh Haayin outside Tel Aviv, the indictment says.
Late last month, the Black Shadow hackers claimed a cyberattack targeting an Israeli Internet service provider which attracted widespread media attention.
In Gorochovsky’s charge sheet, Black Shadow is described as “affiliated to Iran.”
Following the high-profile cyberattack, Gorochovsky allegedly contacted Black Shadow via Telegram on or around October 31 with an offer to pass on information from Gantz’s home.
Using a false name, Israel says the suspect “identified himself as someone working in the home of the Israeli minister of defense, and noted his ability to assist the group in various ways.”
According to the charge sheet, Gorochovsky told a Black Shadow representative that for a “monetary sum” he would convey information via malware that he proposed implanting with a USB device.
To prove his credibility, the indictment says, Gorochovsky sent photographs of various items in the minister’s house.
Those included Gantz’s work desk, a package with a sticker that contained an IP address, souvenirs from Gantz’s previous role as Israel’s armed forces chief of staff, family photos and a property tax payment receipt.
The Shin Bet said the espionage attempt was quickly thwarted, with Gorochovsky arrested just days after he reached out to Black Shadow.
Attorney Gal Wolf, representing Gorochovsky, told Israeli public radio the indictment “grew in volume and in a direction that does not at all match the evidence.”
“The client I represent denies completely that he had any intention of harming state security. And the fact is at the end of the day he did not with his actions harm state security and he didn’t have the ability to harm,” Wolf said.
Instead, Gorochovsky’s actions should be seen as criminal deeds and to charge him with espionage was “a step too far,” Wolf said.
The hacking group, which has not acknowledged any link to Israel’s arch foe Iran, has been blamed for multiple attacks on Israel’s Internet infrastructure.
In the most recent case, it obtained the database of the largest Israeli LGBTQ dating site and released sensitive personal information, including HIV status, from as many as a million users.
The group has also penetrated an Israeli insurance firm, stealing a trove of data and leaking it when its demand for a ransom was not met.
Black Shadow hacks are seen as part of a years-long covert war between Israel and Iran including physical attacks on ships and offensive cyber moves online.
The Shin Bet said it had launched an investigation over Gorochovsky’s case “in order to reduce the chances of recurrence of these kinds of incidents in the future.”