Phishing Campaign Deploys Ransomware Dormant for a Year
The Israel National Cyber Directorate (INCD) has issued an advisory regarding a sophisticated phishing campaign culminating in a ransomware attack. Notably, the ransomware remained dormant on user systems for approximately one year before activation, highlighting a significant delay tactic employed by threat actors.
This extended dormancy period allowed the malware to evade initial detection and persist within environments, posing a long-term threat. The INCDβs findings underscore the importance of continuous monitoring and advanced threat detection capabilities that can identify dormant or low-activity malicious payloads.
Organizations are urged to review their security logs and incident response procedures to detect any signs of similar prolonged compromise. Proactive threat hunting for unusual file persistence or network activity, even if seemingly benign, is critical in mitigating such stealthy attacks.
Attached Files:
What This Means For You
- Implement advanced Endpoint Detection and Response (EDR) solutions capable of identifying dormant malware, unusual file persistence, and low-activity threats over extended periods, not just immediate execution.
Related ATT&CK Techniques
Source & Attribution
| Source Platform | INCD |
| Channel | Israel National Cyber Directorate |
| Channel ID | incd |
| Message ID | 1997 |
| Published | June 03, 2026 at 15:00 UTC |
| Original Link | https://www.gov.il/he/pages/alert_1997 |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
Active Phishing Campaign Targets Israeli Users
Shimi's Cyber World has learned of an active phishing campaign currently targeting users in Israel, as reported by the Israel National Cyber Directorate (INCD). The...
International Diversity Day 2026: Israel's Ministry of Labor Advisory
Shimi's Cyber World notes an advisory from the Israel National Cyber Directorate (INCD) concerning International Diversity Day on May 21, 2026, specifically referencing the Ministry...
Targeted Phishing Campaign Active in Israel Exploits Compromised Email Accounts
Shimi's Cyber World has learned of a targeted phishing campaign currently active in Israel, as reported by the Israel National Cyber Directorate (INCD). The campaign...