A house cleaner working for Israeli Defense Minister Benny Gantz has been charged for allegedly offering to spy for an Iranian-linked hacker group, the Israeli Justice Ministry said Thursday.
Israeli authorities arrested Omri Goren Gorochovsky, 37, on Nov. 4, according to the newly released indictment. Gorochovsky, who began working in Gantz’s home outside Tel Aviv in 2018, is charged with espionage and faces 10-15 years in prison. Because he didn’t gain access to classified materials, Gorochovsky wasn’t charged with sharing state secrets.
The indictment says that on or around Oct. 31 Gorochovsky used the messaging app Telegram to contact “a figure affiliated with Iran and offered to help him in different ways, in light of his access to the minister’s home,” including by installing malware on Gantz’s computer in exchange for a “monetary sum.”
The figure was reportedly a member of Black Shadow, a hacking group suspected of affiliation with Iran that most recently released a trove of data from an Israel-based LGBTQ dating site after its ransom demand of $1 million wasn’t met.
Black Shadow has been linked to a number of other high-profile cyberattacks in Israel, including the recent release of the medical records of some 290,000 Israeli patients. In December 2020, the suspected Iranian hackers extorted an Israeli insurance company for $1 million.
Gorochovsky reportedly reached out to the group after learning of its attack on the LGBTQ site. The indictment said that Gorochovsky sent photographs he took throughout Gantz’s house, including pictures of the defense minister’s computer, phone and tablet, “in order to prove his ability and sincerity.”
The Times of Israel reports that Gorochovsky has a criminal history, having previously served four prison sentences for bank robbery, theft and other crimes. The oversight prompted Israel’s Shin Bet security service to launch a review of its background check procedures, “with the goal of limiting the possibility of cases like this repeating themselves in the future.”
Goren’s public defender said his client “claims he acted out of economic distress” and didn’t intend to harm national security.
This isn’t Gantz’s first brush with Iranian hackers. During his 2019 campaign against then-Prime Minister Benjamin Netanyahu, Gantz was informed by the Shin Bet that Iranian state intelligence had accessed the personal information stored in his cellphone. Gantz’s campaign suggested Netanyahu’s side had leaked the story.
On Wednesday, the US, British and Australian governments warned that hackers “associated with the government of Iran” are actively targeting a wide range of US sectors, including with ransomware. The targets reportedly included a US-based hospital specializing in health care for children and a web server hosting the domain for a US municipal government.