The Justice Department says it has shut down four websites that were allegedly used by Iranian government-linked groups to post hacked data and threaten regime critics.
The move comes amid fears that the U.S. and Israel’s war with Iran could expand into cyberattacks. A news agency linked to the Iranian Revolutionary Guards has threatened American tech companies that they could be targets, and one of the Iran-linked groups targeted by the Justice Department appeared to take credit for a hack on a Michigan medical technology company last week.
Meanwhile, U.S. military officials have said cyber operations helped to degrade Iran’s communications in the early hours of the war.
The websites that were shut down by the Justice Department had names that corresponded to three different alleged hacking groups: Handala, Homeland Justice and Karma Below. In court papers, the FBI said all three groups are run by Iran’s Ministry of Intelligence and Security, and they use similar tactics, including “custom-built malware.”
The Justice Department says the four sites were used for Iranian government-sponsored “hacking and transnational repression schemes,” and for “attempted psychological operations targeting adversaries of the regime.”
For example, the Handala sites were allegedly used to take credit for “a damaging malware attack against a U.S.-based multinational medical technologies firm.”
The Justice Department did not identify that firm, but last week, medical technology company Stryker reported a cyberattack that caused “global disruption.” Cybersecurity expert Brian Krebs wrote in a blog post last week that Handala appeared to claim responsibility for the incident, which was ostensibly in retaliation for a deadly bombing of a girls’ school in Iran that early assessments say the U.S. may have been responsible for.
Stryker said the hack was limited to its internal Microsoft systems and did not affect any of its products, including its medical implants. CBS News has reached out to the company for comment.
Handala has also allegedly used the seized websites in recent weeks to take credit for a hack against members of a Hasidic Jewish community, and to share names and personal information for Israel Defense Forces and Israeli government employees, the Justice Department said. At one point, the group allegedly encouraged supporters of Iran to “reply” to the IDF personnel, the Justice Department said.
And Handala was accused of emailing death threats earlier this month to Iranian dissidents and journalists, at least one of whom lived in the United States, the Justice Department said. One alleged message that was disclosed by the Justice Department claimed Handala was “partners” with the Mexico-based Jalisco New Generation Cartel and offered a $250,000 reward for the target’s death.
One of the other shuttered websites was associated with Homeland Justice and was allegedly used to take credit for a highly publicized 2022 hack against the Albanian government, the DOJ said.
The FBI said in court papers that as part of its investigation, an agent bought a trove of stolen data from a representative of Homeland Justice, including Albanian ID cards that appeared related to the 2022 incident.
“Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents,” FBI Director Kash Patel said in a statement Thursday. “We took down four of their operation’s pillars and we’re not done.”
U.S. authorities have long warned about the risk of Iranian state-sponsored hacking. And Iran has been linked to attempts to suppress dissidents in the U.S. for years, including a number of thwarted plots to kidnap or murder Iranian-American journalist and regime critic Masih Alinejad, a CBS News contributor.
But when Stryker was targeted in a cyberattack last week, following the start of the U.S.-Iran war, former Cybersecurity and Infrastructure Security Agency Director Chris Krebs told CBS News it appeared that “the cyber front of this battle has formally opened.”
Krebs, a CBS News contributor, said on “CBS Mornings” last week that the line between Handala and the Iranian government is “actually blurry.”
“It is virtually an all-hands-on-deck strategy by Iran,” he said. “So all of their groups, whether they’re directly related to the military, the intelligence services or their proxies, contractors, hacktivists, sympathizers, whatever you want to call them — they’re all going for targets.”
