The United States has announced the seizure of four domains allegedly used by Iran’s Ministry of Intelligence and Security for hacking, stealing sensitive information and plotting the murder of dissidents and journalists as the war between the U.S. and Iran intensifies without an end in sight.
In a statement by the U.S. Department of Justice on Thursday, the Iranian intelligence agency was found to have deployed the four domains identified as Justicehomeland[.]org, Handala-Hack[.]to, Karmabelow80[.]org, and Handala-Redwanted[.]to conduct cyber warfare since the United States and Israel launched a ‘preemptive’ attack on Iran last month.
According to the Justice Department, the MOIS, on March 11, via Hack Reward (Handala-hack[.]to domain), claimed credit for conducting destructive malware on an American multinational medical technologies firm, with the persona of the domain, stating it was a response to “ongoing cyber assaults against the infrastructure of the Axis of Resistance”.
The department also alleged that five days prior to the attack on the medical firm, the persona of the same domain published confidential personally identifiable information of individuals it claimed worked for the Israeli Defence Force and also said it had stolen 851 gigabytes of confidential data from members of the Sanzer Hasidic Jewish community.
Authorities further claimed that Handala Hack, via the Handala-redwanted[.]to domain, was used to post the names and sensitive information of 190 people either employed or associated with the Israeli government or the IDF on March 9. The posts on the domain were alleged to have contained threats against the individuals.
Additionally, the Justice Department said that the information and threats were not only published publicly on the four domains, as the Federal Bureau of Investigation found that the MOIS used the email account Handala_Team@outlook[.]com to send death threats to Iranian dissidents and journalists living in the United States and other countries.
The government stated the persona of Handala Hack offered bounties and openly called for Mexican cartel “partners” to commit acts of violence against Handala Hack’s targets in their communications.
“We the Handala Hack team, the loyal followers of the supreme leader Ali Hosseini Khamenei, declare war on all the enemies of Islam in the West. Our partners, the CJNG [Jalisco New Generation Cartel] cartel in America and Canada have been given a list of our enemies who are responsible for our great leaders [sic] death.
“[Redacted names], you laughed like hyenas during the [redacted] show. We have hacked and revealed your home addresses in [redacted] and [redacted] to our partners in the CJNG who are in [redacted U.S. state] and [redacted foreign country] now. Both of you will be executed soon, and we have offered a reward of $250,000 for the operatives who kills [sic] and beheads both of you. ALLAHU AKBAR,” one of the communications said.
Reacting to the seizure, U.S. attorney general Pam Bondi said, “Terrorist propaganda online can incite real-world violence — thanks to our National Security Division and the U.S. Attorney’s Office for the District of Maryland, this network of Iranian-backed sites will no longer broadcast anti-American hate. Our cyber assets will remain ever-vigilant to root out and deactivate networks that pose a threat to American citizens.”
