The FBI seized two websites belonging to Handala, a pro-Iranian hacktivist group that recently conducted a destructive data-wiping attack on U.S. medical technology company Stryker. The attack erased data from approximately 80,000 devices by compromising a Windows domain administrator account and using Microsoft Intune's factory reset command — no malware required. Handala confirmed the seizures on Telegram, framing them as censorship. The incident is part of a broader surge in cyberattacks following U.S. and Israeli airstrikes on Iran, with over 60 pro-Iranian hacktivist groups mobilizing and a reported 245% spike in attacks on critical infrastructure. Microsoft and CISA have since published guidance on hardening Intune management controls. Security experts emphasize that the real fix must come from defenders implementing contextual authentication and anomaly detection for privileged actions.
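One way to implement the anomaly detection for privileged actions mentioned above, as an added example that is not from the article or from the Microsoft or CISA guidance: a sliding-window check that flags any account issuing wipe commands against many distinct devices in a short time. The record fields, action names, account names and thresholds are assumptions for illustration, not Intune's audit log schema.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical action names; map these to whatever your MDM audit export uses.
WIPE_ACTIONS = {"wipe", "factory_reset"}


def flag_bulk_wipes(events, window=timedelta(minutes=10), max_devices=5):
    """Return one alert per actor whose wipe commands reach more than
    max_devices distinct devices inside any sliding time window."""
    recent = defaultdict(deque)  # actor -> deque of (time, device_id)
    alerts = {}
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e["time"]))
    for ev in ordered:
        if ev["action"] not in WIPE_ACTIONS:
            continue
        t = datetime.fromisoformat(ev["time"])
        q = recent[ev["actor"]]
        q.append((t, ev["device_id"]))
        # Drop commands that have aged out of the window.
        while q and t - q[0][0] > window:
            q.popleft()
        # Count distinct devices so a retried wipe is not double counted.
        distinct = {device for _, device in q}
        if len(distinct) > max_devices and ev["actor"] not in alerts:
            alerts[ev["actor"]] = {"actor": ev["actor"], "at": ev["time"],
                                   "devices": len(distinct)}
    return list(alerts.values())


def sample_events():
    """Constructed audit records (not real tenant data): routine helpdesk
    wipes hours apart, then one admin account wiping 8 devices in 2 minutes."""
    events = [
        {"time": "2025-01-01T09:00:00", "actor": "helpdesk1",
         "action": "wipe", "device_id": "LT-001"},
        {"time": "2025-01-01T15:30:00", "actor": "helpdesk1",
         "action": "wipe", "device_id": "LT-002"},
        {"time": "2025-01-01T02:59:00", "actor": "da-admin",
         "action": "sync", "device_id": "LT-100"},
    ]
    start = datetime(2025, 1, 1, 3, 0, 0)
    for i in range(8):
        events.append({"time": (start + timedelta(seconds=15 * i)).isoformat(),
                       "actor": "da-admin", "action": "factory_reset",
                       "device_id": f"LT-{100 + i}"})
    return events


if __name__ == "__main__":
    for alert in flag_bulk_wipes(sample_events()):
        print(alert)
```

In practice the alert would feed a control that pauses further wipe commands from that account until a second administrator approves them.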