FBI seizes websites linked to pro-Iranian hackers after Stryker cyberattack
What's the story
The Federal Bureau of Investigation (FBI) has seized two websites linked to the pro-Iranian hacktivist group Handala. The action comes after the group's recent attack on US medical tech giant Stryker. The FBI did not specify why it took down the sites, but its language suggests that US authorities suspected the sites were operated by hackers associated with a foreign government.
Seizure details
'United States government has taken control of this domain'
The seizure announcement from the FBI read, "Law enforcement authorities determined this domain was used to conduct, facilitate, or support malicious cyber activities on behalf of, or in coordination with, a foreign state actor." It further stated that "the United States Government has taken control of this domain to disrupt ongoing malicious cyber operations and prevent further exploitation." TechCrunch confirmed the seizure by checking the domains' nameserver records, which now point to servers controlled by the FBI.
Group's reaction
Handala called the seizures 'a desperate attempt to silence us'
In a series of posts on its official Telegram channel, Handala confirmed that its websites had been taken offline. The group called the seizures "a desperate attempt to silence our voice." They added, "This act of digital aggression only serves to highlight the fear and anxiety our actions have instilled in the hearts of those who oppress and deceive."
Background check
Hackers claimed to have attacked Stryker in retaliation for missile
Handala has been active since the October 7, 2023, Hamas attacks and is believed to be associated with the Iranian regime. Last week, they claimed responsibility for the attack on Stryker in retaliation for a US government missile strike that killed at least 175 people in an Iranian school. The group had reportedly hacked into an internal Stryker administrator account, gaining near-unlimited access to the company's Windows network.
Operational disruption
Hackers took over Stryker's Intune dashboards
The hackers allegedly took over Stryker's dashboards for Intune, a tool for managing employee laptops and mobile devices remotely. With access to these dashboards, they were reportedly able to wipe devices owned by both the company and its employees. On Tuesday, Stryker said it is still restoring its computers and internal network after the hack.