US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites

The US has seized several domains used by Handala in cyber-enabled psychological operations. The post US Confirms Handala Link to Iran Government Amid Takedown of Hackers’ Sites appeared first on SecurityWeek.

Handala website seized

The United States government has for the first time officially linked the notorious Handala hacker group to the Iranian government. The announcement came amid the takedown of several websites used by Handala.

Handala has been on the radar of cybersecurity firms for years, but it gained widespread attention in recent days after ramping up its activity following the start of the US-Israel-Iran conflict.

Handala has allegedly launched many attacks against Israel, including wiping military weather servers, hijacking security camera feeds, exfiltrating and deleting corporate data, publicly exposing details of intelligence personnel, and compromising an oil and gas exploration firm.

However, its best-known attack targeted the US-based medical technology giant Stryker, causing significant disruption after wiping thousands of its systems.

Handala portrays itself as a pro-Palestinian hacktivist group motivated by anti-Israeli ideology. The cybersecurity community, however, widely regards it as a cover for Void Manticore, an Iranian state-sponsored threat actor believed to operate under the direction of Iran’s Ministry of Intelligence and Security (MOIS).

The Justice Department has now confirmed the connection between Handala and Iran’s MOIS, after it took down four websites used by the hacker group for psychological operations.

Specifically, authorities seized four domains: Justicehomeland[.]org, Handala-Hack[.]to, Karmabelow80[.]org, and Handala-Redwanted[.]to. 

The Justice Department said Iran’s MOIS used the seized websites “in furtherance of attempted psychological operations targeting adversaries of the regime by claiming credit for hacking activity, posting sensitive data stolen during such hacks, and calling for the killing of journalists, regime dissidents, and Israeli persons”.

An X account used by the hacker group was also suspended in recent days.

The US Department of State is offering a reward of up to $10 million for information on foreign hackers who target critical infrastructure. 
