Hours after the US Justice Department seized websites run by Iranian hackers going by the name Handala, the group said it would not be silenced.
In a lengthy message on a Telegram channel, Handala Hack, the group said it was more than only a website and series of internet domains.
“The seizure of our domains, propaganda bombardment, threats of assassination, and even the looming shadow of aerial bombardment are nothing more than the latest desperate attempts by the United States and its allies to silence the voice of Handala,” the Telegram post read in part.
“Handala has emerged from the fire of terror and bombardment, each time stronger and more steadfast,” it continued.
On Thursday, the Justice Department announced it had activated a warrant to “disrupt hacking and transnational repression schemes conducted by the Islamic Republic of Iran’s Ministry of Intelligence and Security”.
Court documents filed by the DOJ show a lengthy investigation into Handala stretching back to 2022.
The filings also confirm that Handala was responsible for last week’s cyber attack against Michigan-based medical technology company, Stryker, which has more than 50,000 employees around the world.
The US also alleges that Handala might also be responsible for cyber attacks affecting hospitals and medical services in Maryland.
“We took down four of their operation’s pillars and we’re not done,” said FBI director Kash Patel shortly after the Justice Department announced the seizure of several Handala internet properties, adding that the US would “hunt down every actor behind these cowardly death threats and cyber attacks”.
The Justice Department also said that the seizures of Handala assets would lessen the amount disinformation released by the group.
“Terrorist propaganda online can incite real-world violence,” said US Attorney General Pamela Bondi. “This network of Iranian-backed sites will no longer broadcast anti-American hate.”
Yet simply seizing the group’s domains are unlikely to thwart cyberattacks for long.
Despite decades of sanctions affecting Iran’s economy and military, the country has spent years bolstering its cyber capabilities. Microsoft’s security division warned last year that Iran shows no sign of slowing its cyber attack efforts.
Meanwhile, the war in Iran has left the ruling regime with little to lose, so cyber attacks against America and other countries may well increase.
“History has shown that neither bullets, nor bombs, nor assassinations have ever been able to stand against the will of nations and the voice of truth,” Handala’s message on its Telegram channel read.
Risk-monitoring firm CloudSEK reported that between February 27 and March 2, co-ordinated cyber disruption attempts were logged against 10 financial institutions.
These included major banks in Saudi Arabia, Jordan and Israel as well as seven aviation and logistics entities, government ministries, defence-related targets and telecoms providers.
