Iranian cyber group “Promised Revenge” hacked Israel’s religious internet provider Rimon, sparking mass outages and raising alarms over potential exposure of sensitive user data.
On Saturday night, Iranian hackers known as the “Promised Revenge” launched a major cyberattack on Rimon Internet, Israel’s leading filtering provider for the religious and haredi sectors.
The assault, which began at 11:30 p.m., left thousands of customers facing severe service disruptions — from slow connections to complete internet blackouts.
🔥 Rimon Confirms Attack
By Sunday morning, Rimon issued an official statement:
“On August 23, 2025, we detected an attack from a hostile entity. Immediately upon discovery, we acted to block the intrusion. Our teams, alongside Israel’s top cyber experts, are now restoring services. Some customers may still face disruptions in filtering and connectivity.”
The company assured users that “at this stage, there are no indications that personal customer information has been leaked.”
🎥 Hackers Release Video Proof
Simultaneously, the attackers released a video allegedly showing them disabling Rimon’s servers in real time, deleting infrastructure, and claiming to have stolen sensitive information from inside the company. While no proof of stolen data has yet been presented, the hackers insist they hold confidential material.
Rimon’s own traffic data from IIX (Israel Internet Exchange) showed a noticeable drop in service during the attack, though not a complete shutdown.
⚠️ Why This Hack Is Dangerous
Unlike typical internet providers, Rimon operates as a full gateway filter:
- All web traffic is routed through its servers.
- Using a legitimate MITM (Man-in-the-Middle) technique, it decrypts HTTPS traffic, scans content based on user rules, blocks unwanted material, and then re-encrypts it.
This means Rimon has full visibility into customers’ online behavior, including:
- Browsing history & page content
- Login credentials
- Private communications
A successful breach could therefore expose not only credentials but also deeply personal and sensitive user data — from private emails to filtered searches.
📉 Current Situation
As of this morning:
- Rimon’s main website and its subsidiaries Etrog and NetFiber remain offline.
- Support is limited to an *automated line (8900) and Facebook updates.
- Some users report partial service restoration, but nationwide disruptions continue.
Cyber experts warn that the religious community’s digital privacy may now be at risk — making this one of the most sensitive cyber incidents in Israel’s recent history.
