U.S. accuses Iran’s government of operating hacktivist group that hacked Stryker

The U.S. Justice Department accused Iran’s authorities of being down the hacktivist radical Handala, which past week claimed work for the destructive cyberattack against the U.S. aesculapian tech elephantine Stryker. 

In a press release published connected Thursday, the Justice Department said Iran’s Ministry of Intelligence and Security (MOIS) is operating Handala. 

The Justice Department called the radical a fake activistic persona that the Iranian ministry utilized to transportation retired “psychological operations” against the regime’s enemies, to assertion work for cyberattacks, and to people stolen accusation obtained during those hacks. The radical besides called for the sidesplitting of journalists, authorities dissidents, and Israeli persons, per the DOJ. 

The announcement came hours aft the FBI seized 2 websites linked to Handala, arsenic archetypal reported by TechCrunch. The radical utilized the websites to publicize its alleged cyberattacks, arsenic good arsenic to people the idiosyncratic accusation of dozens of radical who allegedly worked for the Israeli subject and defence contractors. 

Handala took recognition connected its website for the March 11 cyberattack connected Stryker, during which the hackers remotely wiped tens of thousands of worker devices. The hackers said the breach was successful retaliation for a U.S. aerial onslaught connected an Iranian school, sidesplitting dozens of children.

FBI manager Kash Patel was quoted successful the DOJ’s property merchandise arsenic saying that the FBI “took down 4 of their operation’s pillars and we’re not done.”

Apart from the 2 websites utilized by Handala, the DOJ besides seized 2 different domains allegedly utilized by Iran’s MOIS via different hacktivist persona calling themselves “Justice Homeland” oregon “Homeland Justice.” The DOJ accused Iranian authorities hackers of utilizing those 2 domains to assertion work for hacking the Albanian authorities successful 2022, successful a cyberattack that resulted successful authorities servers being taken offline and the theft of delicate data. Microsoft besides linked the attack against the Albanian authorities to the MOIS.

In an affidavit submitted successful tribunal to enactment the seizure of Handala’s websites, the FBI said that Handala, Justice Homeland, and different hacktivist persona called Karma Below, “are portion of the aforesaid conspiracy due to the fact that they are operated by the aforesaid individuals.”

Handala responded to the DOJ’s announcement successful a connection posted connected its authoritative Telegram channel, wherever the hackers called the U.S. authorities actions “nothing much than the latest hopeless attempts by the United States and its allies to soundlessness the dependable of Handala.”

DomainTools’ cybersecurity researcher Keith O’Neill told TechCrunch that Handala has already acceptable up caller domains that person not yet been seized.

The hacking radical did not respond to a petition for remark sent to a chat relationship publicized by the hackers, arsenic good arsenic an email code identified by the Justice Department successful its affidavit. 

A spokesperson for Iran’s Permanent Mission to the United Nations did not respond to TechCrunch’s petition for comment. Stryker besides did not respond to a petition for comment.

Alex Orleans, the caput of menace quality astatine Sublime Security who has tracked Iranian hackers for years, told TechCrunch that it is imaginable that the radical down the Handala persona are not the aforesaid individuals doing the existent hacking. 

“Handala does not needfully equate, one-to-one, with the actors conducting the activities it’s taking recognition for,” said Orleans. “There could beryllium aggregate teams conducting existent intrusions portion a chiseled squad is liable for maintaining the persona — with each of these chiseled elements coexisting wrong a larger unified MOIS element.”

“There’s a level of opacity determination that tin beryllium hard to penetrate,” helium said.