An Iranian-linked hacker group called Handala claimed to have disrupted Israeli military radar systems on June 7, 2026, but security researchers have determined the evidence shows only a breach of a municipal phone system. The group announced the alleged attack via Telegram on the same day Israel and Iran resumed hostilities after a two-month ceasefire, claiming to have placed the Kfar Yona municipality under digital siege and warning that the actions were "only a first warning" to Israel and its allies.

Security firm SOCRadar investigated the claims and shared findings with Hackread.com showing significant discrepancies. The screenshots Handala posted as proof displayed an Interactive Voice Response admin panel from a Tadiran Telecom Aeonix system, which manages office telephone routing. The images showed a sample auto attendant call-routing script with Hebrew language settings and included text stating "This is a sample script to demonstrate the different possibilities in Aeonix Auto Attendant."

The Aeonix system is a digital receptionist application that automatically answers and routes incoming calls for businesses and government offices. It has no connection to military radar networks or air defense infrastructure. The evidence indicated access to a municipal phone system rather than any military target, contradicting Handala's claims of disrupting signal networks across Israel's military radar systems.

Handala has a documented history of timing cyberattack claims with real-world military events for psychological impact. The group has conducted verified operations since the current conflict began in February 2026, including a confirmed data-wiping attack against medical technology firm Stryker Corporation that prompted FBI domain seizures and Department of Justice attribution. The group also claimed responsibility for breaching FBI Director Kash Patel's personal Gmail account and leaking private documents.

Security researchers noted that publicly exposing a genuine military breach on Telegram would be operationally reckless, suggesting the exaggerated claims may be intended for propaganda purposes. Organizations should verify breach claims through independent technical analysis rather than accepting attacker statements at face value. While this particular claim appears inflated, researchers warn that Iran-linked hacking groups remain active and capable of conducting damaging operations against both private sector and government targets.

Source: https://hackread.com/handala-israeli-radar-hack-evidence-phone-admin-panel/