The FBI has seized two websites belonging to the pro-Iranian hacking group behind the data-wiping cyberattack on US medical device supplier Stryker.
The two websites for the hacking group Handala have been seen displaying seizure notices that say the FBI obtained a court warrant to take over the domains.
“This seizure is a part of a seamless FBI operation to determine, disrupt, and hold accountable those responsible for hostile cyber actions directed towards the US, its establishments, and its companions,” the notices add.
The FBI didn’t immediately respond to a request for comment. But domain lookups confirm the two Handala sites now redirect to FBI servers.
The seizures come as Handala has been bragging about last week’s attack on Stryker; although no medical devices were affected, the breach allowed the group to wipe data across the company’s IT systems, including employee phones.
“During this operation, over 200,000 critical systems of this company were targeted and 12 petabytes of data (equal to 12,000 terabytes) were completely wiped,” the group claimed in a post on one of the seized sites on Monday. The same post included screenshots, indicating the hacking group was able to gain access to Stryker’s internal systems and possibly steal files.
The FBI’s seizure of the two sites could help federal investigators uncover details about the hacking group, which was previously involved in pro-Palestinian hacktivism. But according to a message posted on Telegram, Handala is already preparing to launch a new website to replace the seized domains.
Handala pulled off the data-wiping operation by targeting Stryker’s Microsoft software environments, including Intune, which lets companies remotely control and manage devices, including Android and iOS phones. However, BleepingComputer reports that the hacker-initiated wipe command via Intune only affected nearly 88,000 devices, rather than 200,000, and that there is no evidence that Handala exfiltrated data.
For now, Stryker has only said in an update posted on Sunday: “The event only affected Stryker’s internal Microsoft corporate environment. This was not a ransomware attack, and there’s no evidence of malware deployed to our systems. The incident has been contained, and we are now in the restoration process, which is progressing steadily.”
The attack “didn’t affect any of our products—connected or otherwise,” the company added. “We’re prioritizing restoration of systems that directly support customers, ordering and shipping. Our core transactional systems are already on a clear path to full restoration, and we will continue to provide updates as progress is made.”
About Our Expert
Michael Kan
Senior Reporter

