The Justice Department says it has shuttered four websites that were allegedly used by Iranian government-linked groups to post hacked information and threaten regime critics.
The move comes amid fears that the U.S. and Israel’s war with Iran could expand into cyberattacks. A news agency linked to the Iranian Revolutionary Guards has threatened American tech companies that they could be targets, and one of the Iran-linked groups targeted by the Justice Department appeared to take credit for a hack on a Michigan medical technology company last week.
Meanwhile, U.S. military officials have said cyber operations helped to degrade Iran’s communications in the early hours of the war.
The websites that were shut down by the Justice Department had names that corresponded to three different alleged hacking groups: Handala, Homeland Justice and Karma Below. In court papers, the FBI said all three groups are run by Iran’s Ministry of Intelligence and Security, and they use similar tactics, including “custom-built malware.”
The Justice Department says the four sites were used for Iranian government-sponsored “hacking and transnational repression schemes,” and for “attempted psychological operations targeting adversaries of the regime.”
For example, the Handala sites were allegedly used to take credit for “a destructive malware attack against a U.S.-based multinational medical technologies firm.”
The Justice Department didn’t identify that firm, but last week, medical technology company Stryker reported a cyberattack that caused “global disruption.” Cybersecurity expert Brian Krebs wrote in a blog post last week that Handala appeared to claim responsibility for the incident, which was ostensibly in retaliation for a deadly bombing of a girls’ school in Iran that early assessments say the U.S. may have been responsible for.
Stryker said the hack was limited to its internal Microsoft systems and did not affect any of its products, including its medical implants. CBS News has reached out to the company for comment.
Handala has also allegedly used the seized websites in recent weeks to take credit for a hack against members of a Hasidic Jewish group, and to share names and personal information for Israel Defense Forces and Israeli government employees, the Justice Department said. At one point, the group allegedly encouraged supporters of Iran to “reply” to the IDF personnel, the Justice Department said.
And Handala was accused of emailing death threats earlier this month to Iranian dissidents and journalists, at least one of whom lived in the United States, the Justice Department said. One alleged message that was disclosed by the Justice Department claimed Handala was “companions” with the Mexico-based Jalisco New Generation Cartel and offered a $250,000 reward for the target’s death.
One of the other shuttered websites was associated with Homeland Justice and was allegedly used to take credit for a highly publicized 2022 hack against the Albanian government, the DOJ said.
The FBI said in court papers that as part of its investigation, an undercover agent bought a trove of stolen data from a representative of Homeland Justice, including Albanian ID cards that appeared related to the 2022 incident.
“Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents,” FBI Director Kash Patel said in a statement Thursday. “We took down four of their operation’s pillars and we’re not done.”
U.S. authorities have long warned about the risk of Iranian state-sponsored hacking. And Iran has been linked to attempts to suppress dissidents in the U.S. for years, including several thwarted plots to kidnap or murder Iranian-American journalist and regime critic Masih Alinejad, a CBS News contributor.
But when Stryker was targeted in a cyberattack last week, following the start of the U.S.-Iran war, former Cybersecurity and Infrastructure Security Agency Director Chris Krebs told CBS News it appeared that “the cyber front of this conflict has officially opened.”
Krebs, a CBS News contributor, said on “CBS Mornings” last week that the line between Handala and the Iranian government is “really blurry.”
“It’s almost an all-hands-on-deck approach by Iran,” he said. “So all of their groups, whether they’re directly related to the military, the intelligence services or their proxies, contractors, hacktivists, sympathizers, whatever you want to call them — they’re all going for targets.”
