DOJ says it shut down websites that spread Iranian propaganda, threatened dissidents and took credit for hacks


The Justice Department says it has shuttered four websites that were allegedly used by Iranian government-linked groups to post hacked information and threaten regime critics.

The move comes amid fears that the U.S. and Israel’s war with Iran could expand into cyberattacks. A news agency linked to the Iranian Revolutionary Guards has threatened American tech companies that they could be targets, and one of the Iran-linked groups targeted by the Justice Department appeared to take credit for a hack on a Michigan medical technology company last week. 

Meanwhile, U.S. military officials have said cyber operations helped to degrade Iran’s communications in the early hours of the war.

The websites that were shut down by the Justice Department had names that corresponded to three different alleged hacking groups: Handala, Homeland Justice and Karma Below. In court papers, the FBI said all three groups are run by Iran’s Ministry of Intelligence and Security, and they use similar tactics, including “custom-built malware.”

The Justice Department says the four sites were used for Iranian government-sponsored “hacking and transnational repression schemes,” and for “attempted psychological operations targeting adversaries of the regime.”

For example, the Handala sites were allegedly used to take credit for “a destructive malware attack against a U.S.-based multinational medical technologies firm.” 

The Justice Department didn’t identify that firm, but last week, medical technology company Stryker reported a cyberattack that caused “global disruption.” Cybersecurity expert Brian Krebs wrote in a blog post last week that Handala appeared to claim responsibility for the incident, which was ostensibly in retaliation for a deadly bombing of a girls’ school in Iran that early assessments say the U.S. may have been responsible for.

Stryker said the hack was limited to its internal Microsoft systems and did not affect any of its products, including its medical implants. CBS News has reached out to the company for comment.

Handala has also allegedly used the seized websites in recent weeks to take credit for a hack against members of a Hasidic Jewish community, and to share names and personal information for Israel Defense Forces and Israeli government employees, the Justice Department said. At one point, the group allegedly encouraged supporters of Iran to “respond” to the IDF personnel, the Justice Department said.

And Handala was accused of emailing death threats earlier this month to Iranian dissidents and journalists, at least one of whom lived in the United States, the Justice Department said. One alleged message that was disclosed by the Justice Department claimed Handala was “partners” with the Mexico-based Jalisco New Generation Cartel and offered a $250,000 reward for the target’s death.

One of the other shuttered websites was associated with Homeland Justice and was allegedly used to take credit for a highly publicized 2022 hack against the Albanian government, the DOJ said.

The FBI said in court papers that as part of its investigation, an undercover agent bought a trove of stolen data from a representative of Homeland Justice, including Albanian ID cards that appeared related to the 2022 incident.

“Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents,” FBI Director Kash Patel said in a statement Thursday. “We took down four of their operation’s pillars and we’re not done.”

U.S. authorities have long warned about the risk of Iranian state-sponsored hacking. And Iran has been linked to attempts to suppress dissidents in the U.S. for years, including multiple thwarted plots to kidnap or murder Iranian-American journalist and regime critic Masih Alinejad, a CBS News contributor.

But when Stryker was targeted in a cyberattack last week, following the start of the U.S.-Iran war, former Cybersecurity and Infrastructure Security Agency Director Chris Krebs told CBS News it appeared that “the cyber front of this conflict has officially opened.”

Krebs, a CBS News contributor, said on “CBS Mornings” last week that the line between Handala and the Iranian government is “really blurry.”

“It’s almost an all-hands-on-deck approach by Iran,” he said. “So all of their groups, whether they’re directly related to the military, the intelligence services or their proxies, contractors, hacktivists, sympathizers, whatever you want to call them — they’re all going for targets.”


