Cryptocurrency Payments Become Information Infiltration Tool: Soldier Sells Israeli "Iron Dome" Secrets for 1000 USD

Israeli authorities on March 20 charged Raz Cohen, a reservist in the Israel Defense Forces, with leaking classified information about the Iron Dome missile defense system to Iranian intelligence contacts in exchange for approximately $1,000 in cryptocurrency. This case was jointly filed by the Israel National Security Agency and the Lahav 433 police unit in Jerusalem District Court following the “Raging Lion” operation.

The Full Scope of the Case: 27 Classified Leaks in One Month

Cohen, 26 years old, served from 2019 to 2022 in the command and control department of the Iron Dome system, gaining access to operational details and base deployment information. According to the Israel Times, he established contact with Iranian contacts via Telegram starting in December 2025. Over about a month, he transmitted a total of 27 photos and videos, including:

• The firing procedures, rate of fire, and ammunition loading operations of the Iron Dome system
• GPS coordinates of the Iron Dome batteries at Hatzerim and Palmachim bases
• Location information of seven Israeli Air Force bases
• Personal details of Israeli security personnel, including a guard from the Presidential Guard and relatives of Air Force pilots

Cohen not only provided technical system information but also voluntarily disclosed his military identity to contacts, significantly increasing the credibility and potential harm of the leaks.

The Role of Cryptocurrency Payments in Intelligence Operations: Why is $1,000 Enough?

This case reveals the operational tactics of hostile intelligence agencies in the modern digital environment: using small cryptocurrency payments as incentives to contact military personnel with valid security clearances via encrypted messaging apps like Telegram. Although $1,000 appears insignificant, for intelligence buyers, acquiring detailed operational data and deployment coordinates of high-level defense systems at minimal cost offers strategic asymmetrical advantages.

Four Key Vulnerabilities Revealed by This Case

Anonymity of Cryptocurrency Payments: Small crypto transactions are difficult to trace through traditional financial monitoring, reducing the risk of detection of the funding trail.

Encryption Features of Telegram: End-to-end encryption makes it difficult to detect recruitment communications in real-time, providing technical cover for intelligence contacts.

Residual Risks from Former Service Members’ Security Clearances: Even after leaving the military, Cohen retained practical operational knowledge gained during service, not through deliberate theft.

Social Engineering and Personnel Vulnerability: Later in the contact, Cohen’s sister’s photos were used as threats, demonstrating psychological manipulation tactics in intelligence operations.

Broader Context of the Surge in Israeli Espionage Cases

Israeli authorities note that dozens of Israelis have faced similar allegations related to Iran over the past two years. Since the outbreak of the Iran conflict, recruitment activities via social media and encrypted messaging apps have increased significantly, making it an urgent national security issue to protect active and retired personnel with security clearances from infiltration.

Cohen ultimately blocked his contacts and deleted his Telegram account in February 2026, but it was too late—he was arrested on March 1, the second day after the outbreak of the Iran conflict.

Frequently Asked Questions

Why would an Israeli soldier be willing to leak Iron Dome secrets for only $1,000?
While the full motives are not publicly disclosed, the case details show Cohen was threatened with family photos, indicating a combination of financial temptation and psychological coercion. The low amount reflects the cost-effectiveness of such intelligence operations—buyers can obtain valuable strategic information at minimal expense, which can have significant military implications.

How does cryptocurrency facilitate intelligence operations?
Cryptocurrency payments are difficult to trace through traditional banking channels, allowing buyers to transfer funds to targets without leaving traceable records. When combined with encrypted messaging apps like Telegram, this creates a comprehensive operational method that resists conventional intelligence detection.

How much damage has this case caused to Israel’s Iron Dome defense system?
According to the indictment, Cohen provided GPS coordinates of multiple Iron Dome batteries and the locations of seven Air Force bases, information that could be used to plan attacks. Additionally, system operation procedures and firing rate data could help adversaries evaluate and counter the system’s effectiveness. The actual strategic damage is difficult to quantify precisely.