THE Justice Department has seized four MOIS-linked domains as part of disrupting Iranian cyber-enabled psychological operations, according to the U.S. Attorney’s Office, District of Maryland. The four domains—Justicehomeland[.]org, Handala-Hack[.]to, Karmabelow80[.]org, and Handala-Redwanted[.]to—were used to claim hacks, publish stolen data, and threaten journalists and dissidents as part of a broader MOIS effort to push psychological operations and transnational repression.
The FBI investigation found these sites shared leak sites, Iranian IP ranges, and a common playbook that included destructive cyber-attacks and faketivist content. Handala-hack[.]to, for example, claimed responsibility for a March 2026 destructive malware attack against a U.S.-based multinational medical technologies firm, while Handala-Redwanted[.]to published PII of individuals associated with the IDF and Israeli government.
As part of the action, the Department of State’s Rewards for Justice programme is offering up to $10 million for information on malicous cyber activities against U.S. critical infrastructure, according to the article. The FBI Baltimore Field Office is leading the investigation, with prosecutions by the U.S. Attorney’s Office for the District of Maryland and the National Security Division’s National Security Cyber Section.