Cyber Threat Actor: East Jerusalem Car Thieves
| Actor Type | Location | Known Incidents |
Criminal
|
Israel
|
1 incident |
|---|
Profile
The threat actor is publicly referenced under the alias East Jerusalem Car Thieves. Open-source information indicates the group is based in Israel, with operational focus on the Jerusalem region. Their activities have been described in relation to vehicle theft operations targeting high-end automobiles. No public sources associate the actor with a state sponsor or larger criminal consortium. The actor’s known conduct centers on the acquisition and resale of stolen vehicles.
The group’s method begins with exploiting a data breach at automobile manufacturers Hyundai and Kia to obtain internal registration data. From the compromised data they extract registration numbers that are linked to anti-theft codes and key production information. Using this information they fabricate functional keys for specific vehicle models. With fabricated keys they locate the corresponding vehicles at owners’ residences, primarily in the Jerusalem area, and physically steal them. The stolen vehicles are then transported across regional borders and smuggled into the West Bank for subsequent resale.
A publicly reported incident from December 20, 2016 details the group's use of the described technique to steal dozens of new luxury vehicles. Israeli law enforcement investigated the thefts, traced the compromised manufacturer data, and arrested three suspects linked to the operation. The operation resulted in losses valued in the millions of shekels for vehicle owners and insurers. Manufacturer officials were notified during the investigation and the breach was addressed as part of the response. This case remains the primary documented example of the East Jerusalem Car Thieves’ operational pattern.
