DomainTools2d ago
New DTI Research: The evolution of the MOIS-linked cyber ecosystem (Handala/Homeland Justice)
from the 2022 Albania attacks to the 2026 Stryker incident🛡️🇮🇷
Full research and analysis:https://dti.domaintools.com/research/mois-linked-moist-grasshopper-homeland-justice-karmabelow80-handala-hackers-campaigns-and-evolution
#ThreatIntel #Handala #Cybersecurity #Iran
DomainTools Investigations | MOIS Linked MOIST GRASSHOPPER / Homeland Justice / KarmaBelow80 / Handala Hackers / Campaigns and Evolution

Explore the evolution of MOIS-linked actors Homeland Justice, Karma, and Handala. Analysis of destructive malware, surveillance integration, and the 2026 Stryker incident.

Show threadMiss Kitty 🌈🌈🌈3d ago
... and the #Handala #hacktivist #group remain highly active. Handala recently conducted a destructive attack on the medical giant #Stryker, remotely wiping 80,000 devices using Microsoft's cloud management services. #Digital #Vertigo: Experts note a rise in "epistemic vertigo," ...
ERROR 404 ▼4d ago
⭕Le groupe de hackers #Iraniens #Handala a survolé en drone les domiciles de hauts responsables #Israéliens pour enregistrer leurs déplacements. - Journal #Israélien #Haaretz
securityaffairs6d ago
#Iran-linked group #Handala claims to have breached three major UAE organizations
https://securityaffairs.com/190716/hacking/iran-linked-group-handala-claims-to-have-breached-three-major-uae-organizations.html
#securityaffairs #hacking
Iran-linked group Handala claims to have breached three major UAE organizations

Iran-linked group Handala claims to have breached three major UAE organizations, Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority

Security Affairs
Anonymous 🐈️🐾☕🍵🏴🇵🇸 Apr 10

🚨 Threat Actor Signal: #Handala

The Handala group has released a new message hinting at an upcoming operation targeting Israeli cyber/intelligence infrastructure.

🎯 Stated Focus:
• “Unit 8200” (Israel’s elite intelligence/cyber unit)
• Specific reference to an “Iran Desk”

⚠️ Key Takeaways:
• Message is teaser-style psychological signaling, common before operations
• No technical details shared — no confirmation of capability or access
• Likely intended to generate attention and anticipation

🧠 Assessment:
• Could precede:
•Website defacements or DDoS campaigns
•Data leak claims or propaganda releases
• Also possible this is pure information operation (IO) without follow-through

🔍 What to Watch:
• Dark web leak sites and Telegram channels for data dumps
• Sudden spikes in activity targeting Israeli infrastructure
• Coordinated messaging across aligned threat groups

⚠️ Status: Pre-attack signaling – unverified

#CyberThreat #Hacktivism #ThreatIntel #CyberSecurity
#OpIsrael
#Anonymous

iam-py-test Apr 9

Iran-backed group Handala claims to have breached the devices of a former Israeli Lt General.

https://www.cnn.com/2026/04/09/world/live-news/iran-war-trump-us-ceasefire?post-id=cmnrdwhds00003b6vmsm2n3az

#Handala

Israel says it will begin direct negotiations with Lebanon as US prepares for Iran ceasefire talks

Israel’s offensive against Hezbollah and reopening the Strait of Hormuz remain sticking points in a tenuous agreement to pause fighting in Iran. Follow for live news updates.

CNN
RedPacket SecurityApr 8

[HANDALA] - Ransomware Victim: Passover Wiped Clean: 22TB of Data Gone from 14 Companies - https://www.redpacketsecurity.com/handala-ransomware-victim-passover-wiped-clean-22tb-of-data-gone-from-14-companies/

#handala #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[HANDALA] - Ransomware Victim: Passover Wiped Clean: 22TB of Data Gone from 14 Companies - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RedPacket SecurityApr 8

[HANDALA] - Ransomware Victim: Handala Hack Strikes 27 Companies for Minab’s Innocents - https://www.redpacketsecurity.com/handala-ransomware-victim-handala-hack-strikes-27-companies-for-minab-s-innocents/

#handala #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[HANDALA] - Ransomware Victim: Handala Hack Strikes 27 Companies for Minab’s Innocents - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RedPacket SecurityApr 8

[HANDALA] - Ransomware Victim: Raz Zimmt’s Chats Leaked to the World - https://www.redpacketsecurity.com/handala-ransomware-victim-raz-zimmt-s-chats-leaked-to-the-world/

#handala #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[HANDALA] - Ransomware Victim: Raz Zimmt’s Chats Leaked to the World - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security
RedPacket SecurityApr 8

[HANDALA] - Ransomware Victim: Publication of Photos and Personal Details of IranWire’s Traitorous Members - https://www.redpacketsecurity.com/handala-ransomware-victim-publication-of-photos-and-personal-details-of-iranwire-s-traitorous-members/

#handala #dark_web #data_breach #OSINT #ransomware #threatintel #tor

[HANDALA] - Ransomware Victim: Publication of Photos and Personal Details of IranWire’s Traitorous Members - RedPacket Security

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating

RedPacket Security