The U.S. Justice Department has identified Iran’s Ministry of Intelligence and Security (MOIS) as the force behind the hacktivist group Handala, which executed a damaging cyberattack on medical technology leader Stryker. Handala, a fictitious activist persona employed by MOIS, was used for psychological operations against adversaries, cyberattack claims, and dissemination of stolen data. The group’s activities also included urging violence against journalists, dissidents, and Israeli individuals.
The FBI’s intervention led to the seizure of two Handala-associated websites. These platforms were used by the group to announce cyber intrusions and expose personal details of alleged Israeli military personnel. Notably, Handala took credit for the recent breach on Stryker, remotely wiping numerous employee devices in retaliation for an Iranian school tragedy.
Additionally, the DOJ’s actions targeted two domains attributed to the MOIS-linked hacktivist persona ‘Justice Homeland’ or ‘Homeland Justice.’ These domains were reportedly used by Iranian state hackers to claim responsibility for a 2022 cyberattack on the Albanian government, resulting in service disruption and data compromise. Microsoft played a role in linking the attack to Iranian operatives.
Source: TechCrunch