March 19 (UPI) — The Federal Bureau of Investigation took down two websites that belong to an Iran-linked hacker group after it staged a global cyberattack on an American medical equipment company last week.
Two websites used by the group Handala — one that contained information about its hacks and the other used to dox people it alleges work with the Israeli military and related companies — were pulled down by the FBI on Thursday, NBC News and Techcrunch reported.
Handala was behind a “wiper attack” on the medical device maker Stryker’s computer system on March 11, which it said was in retaliation for a deadly strike on the Shajareh Tayyiba girls school in Minab, Iran.
“Law enforcement authorities determined this domain was used to conduct, facilitate, or support malicious cyber activities on behalf of, or in coordination with, a foreign state actor,” a message left on both websites by the FBI said.
Portage, Mich.-based Stryker, which employs 50,000 people worldwide and manufactures a variety of medical devices, including orthopedic implants, surgical instruments and imaging systems, was forced to shut down for the day because of the global attack.
The attack affected the company’s internal Microsoft corporate environment and was not a ransomware attack, it said four days after the attack, after determining that no malware had been installed and the system was able to be restored.
Handala, which has been active since Oct. 7, 2023, is believed to be linked to Iran’s Ministry of Intelligence and Security, American and Israeli cyber security experts have said.
The group is thought to have attacked Stryker because it was awarded a $450 million contract by the Department of Defense last year, and said at the time that the attack specifically was in response to the U.S. bombing of the school.
Handala acknowledged on Telegram that its websites were no longer under its control, and said that the “aggressive action reveals the extent to which the enemies of truth will go to silence voices that unveil their atrocities.”
“To all truth-seekers and defenders of justice, we inform you that the Handala RedWanted website, which was dedicated to exposing Zionist crimes and raising global awareness, has also been seized and taken offline by order of the FBI,” Handala said, noting that a new website is under construction.
In the wake of the attack, experts have told UPI it should be a wake-up call for a wide swatch of U.S. companies that may have similar gaps in security, especially because rather than demanding ransom, the purpose of this attack was to destroy information and wreak havoc.
