The Justice Department recently seized several domains used by Iranian intelligence to conduct cyberattacks against a U.S. medical technology firm and to harass dissidents. These platforms served as hubs for leaking sensitive data and issuing death threats to journalists and individuals critical of the Iranian government.

The seizure of these digital domains follows a period of heightened military and cyber activity between the United States, Israel, and Iran. Since the end of February, regional tensions have escalated into direct military exchanges involving drones and missiles across the Middle East. Within this volatile environment, the hacking of an American technology company marked a significant shift toward digital warfare targeting private infrastructure.

A group known as the Handala Team has been identified by cybersecurity experts as the primary actor behind these digital incursions, operating with links to Iran's Ministry of Intelligence and Security. This group frequently utilizes social media platforms like Telegram and X to broadcast its activities and boast about successful breaches. Despite efforts by social media companies to disable their accounts, the group has consistently migrated to new handles to maintain its presence.

The Justice Department specified that the seized domains were instrumental in the group's efforts to claim credit for malware attacks and distribute stolen information. In one instance, the group published personal details and photographs of nearly 200 individuals associated with the Israeli government or military. These websites acted as a central repository for the group's psychological operations and data leaks.

Beyond infrastructure attacks, the Iranian-linked group used its digital reach to target specific individuals, including Iranian dissidents and members of the press. By sending death threats and coordinating harassment campaigns both within the United States and internationally, the group sought to silence opposition. The U.S. government’s intervention aims to disrupt these intimidation tactics and secure domestic corporate interests from foreign interference.

Source: https://www.justice.gov/usao-sdny/media/1366241/dl