The U.S. Justice Department accused Iran’s government of being behind the hacktivist group Handala, which last week claimed responsibility for the destructive cyberattack against the U.S. medical tech giant Stryker.
In a press release published on Thursday, the Justice Department said Iran’s Ministry of Intelligence and Security (MOIS) is operating Handala.
The Justice Department called the group a fake activist persona that the Iranian ministry used to carry out “psychological operations” against the regime’s enemies, to claim responsibility for cyberattacks, and to publish stolen information obtained during those hacks. The group also called for the killing of journalists, government dissidents, and Israeli persons, per the DOJ.
The announcement came hours after the FBI seized two websites linked to Handala, as first reported by TechCrunch. The group used the websites to publicize its alleged cyberattacks, as well as to publish the personal information of dozens of people who allegedly worked for the Israeli military and defense contractors.
Handala took credit on its website for the March 11 cyberattack on Stryker, during which the hackers remotely wiped tens of thousands of employee devices. The hackers said the breach was in retaliation for a U.S. air strike on an Iranian school, killing dozens of children.
FBI Director Kash Patel was quoted in the DOJ’s press release as saying that the FBI “took down four of their operation’s pillars and we’re not done.”
Apart from the two websites used by Handala, the DOJ also seized two other domains allegedly used by Iran’s MOIS via another hacktivist persona calling themselves “Justice Homeland” or “Homeland Justice.” The DOJ accused Iranian government hackers of using those two domains to claim responsibility for hacking the Albanian government in 2022, in a cyberattack that resulted in government servers being taken offline and the theft of sensitive data. Microsoft also linked the attack against the Albanian government to the MOIS.
In an affidavit submitted in court to support the seizure of Handala’s websites, the FBI said that Handala, Justice Homeland, and another hacktivist persona called Karma Below, “are part of the same conspiracy because they are operated by the same individuals.”
Contact Us
Do you have more information about Handala, or other Iran-linked hacking operations? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase and Wire @lorenzofb, or by email.
Handala responded to the DOJ’s announcement in a message posted on its official Telegram channel, where the hackers called the U.S. government actions “nothing more than the latest desperate attempts by the United States and its allies to silence the voice of Handala.”
DomainTools’ cybersecurity researcher Keith O’Neill told TechCrunch that Handala has already set up new domains that have not yet been seized.
The hacking group did not respond to a request for comment sent to a chat account publicized by the hackers, as well as an email address identified by the Justice Department in its affidavit.
A spokesperson for Iran’s Permanent Mission to the United Nations did not respond to TechCrunch’s request for comment. Stryker also did not respond to a request for comment.
Alex Orleans, the head of threat intelligence at Sublime Security who has tracked Iranian hackers for years, told TechCrunch that it is possible that the people behind the Handala persona are not the same individuals doing the actual hacking.
“Handala does not necessarily equate, one-to-one, with the actors conducting the activities it’s taking credit for,” said Orleans. “There could be multiple teams conducting actual intrusions while a distinct team is responsible for maintaining the persona — with each of these distinct elements coexisting within a larger unified MOIS element.”
“There’s a level of opacity there that can be difficult to penetrate,” he said.