New Handala Website Is Also Accessible
U.S. federal agents seized four internet domains related to Iranian hacking operations days after a threat actor going by Handala posted screenshots it said came from inside the IT systems of medical device maker Stryker.
Handala, widely suspected of being a front for Iranian intelligence, broke into the medical device maker’s Active Directory on March 11, leading to a disruption in ordering and shipping that still persists (see: Health Sector Braces for Stryker Hack Supply Chain Shock).
It posted onto handala-hack.to proof of the hack and asserted that it deleted 12 petabytes from Stryker systems. Now, the website displays a seizure notice left by the FBI and the Department of Justice.
Federal authorities additionally seized three other domains used by Iranian intelligence in hack-and-leak operations or to make threats: justicehomeland.org, handala-redwanted.to.
They were able to seize the domains because the registrars used to create them, Public Interest Registry and Namecheap, are located in the United States.
Iran “used the seized domains to dox and harass dissidents and journalists, incite violence against Jewish communities and spread Tehran’s anti-American propaganda,” said Assistant Attorney General for National Security John A. Eisenberg.
Since the United States and Israel began a protracted bombing campaign against Iran on Feb. 28, Handala has been especially active, posting what it said were 100,000 emails of a former Israeli intelligence agent now at a think tank, subscribers to the Telegram channel belonging to a pseudonymous Iranian netizen and the putative identities of senior Israeli military officers. It posted what it says was 851 gigabytes of confidential data from members of the Sanzer Hasidic Jewish community.
Handala sent death threats to Iranian dissidents and journalists, telling two in a March 1 email that it shared their names and home addresses with “our partners,” the Jalisco New Generation Cartel, a Mexican transnational criminal group.
The Stryker hack did not affect individual medical devices, but the FBI in an affidavit said that some hospitals in Maryland on March 11 responded to the attack by switching away from Stryker equipment (it makes hands-free communications systems) to rely on radio and verbal exchanges. The Stryker attack “in some circumstances interfered with the delivery of emergency medical care in Maryland hospitals,” the affidavit states.
One of the disrupted domains, justicehomeland.org, figured heavily in a 2022 attack against Albania’s online service portal for citizens. The site published documents that appeared to belong to the Albanian government and residence permits that appeared to belong to members of an Iranian opposition group living in Albania, the Mojahedin-e-Khalq (see: US Sanctions Iranian Spooks for Albania Cyberattack).
Content from the seized domains is still available through archive.today, a site of uncertain ownership that allows users to save copies of websites. A new Handala website apparently appeared online late Thursday. The registrar used to create it is the government of the Kingdom of Tonga, a Polynesian island nation that offers .to country code top-level domains. “The voice of Handala will never be silenced,” the site asserts.
FBI Director Kash Patel vowed that the United States is “not done” with fighting Handala.







