The United States government has for the first time officially linked the Handala hacker group to the Iranian government, according to the Justice Department. The announcement came amid the takedown of several Handala websites used for psychological operations. Handala has been tied to attacks that include wiping and exfiltrating data; the article notes that its best-known attack targeted Stryker and disrupted manufacturing and shipping.
The Justice Department said Iran’s MOIS used the four seized domains—Justicehomeland[.]org, Handala-Hack[.]to, Karmabelow80[.]org, and Handala-Redwanted[.]to—to claim credit for hacks, post stolen data, and call for violence against journalists and regime dissidents. An X account used by Handala was also suspended in recent days. According to SecurityWeek, the US Department of State is offering a reward of up to $10 million for information on foreign hackers who target critical infrastructure.