Some ‘free Palestine’ hacktivist-style group called Handala have been defacing websites and claim to exfiltrate data. handala.to/ #threatintel

23 orgs hit so far.

Handala, a wiper group posing as a ransomware group who target Israeli companies, claims IIB (Israeli Industrial Batteries) supplied explosive batteries for pagers and Vidisco supplied X-ray machines which didn’t detect said batteries.

They claim they will be releasing 6tb of data for IIB and 8tb of data for Vidisco. I tried phoning one of the companies, who said they have an IT issue.

Handala Hack Team have started posting files on Telegram. They were kicked off Telegram multiple times prior; they're back on a different username. #threatintel

Handala have released what they claim is source code showing a backdoor in Vidisco scanners, which are used by ports and airports to scan cargo.

Post contains reference to Hodhod drones, which is an Iranian UAV, and makes reference to Vidisco as being a “legal target” #threatintel

The latest on the Handala Hack Team situation with Vidisco and Israeli Industrial Batteries (IIB) breach claims is that the file sharing site hosting the downloads says they have received DMCA complaints.

So far only outlets in Italy and Iran have picked up the story, and have done so fairly responsibly, i.e. not saying the claims are true.

I have just published a big update on the Handala situation regarding Vidisco at the bottom of my original post.

tl;dr: They are owned.

doublepulsar.com/hacker-group-

Expect to read 0 about this from your threat intelligence providers btw, there's a cone of silence around this one.

Handala are currently up on t.me/Handala_backup on Telegram.

Comes complete with a 1 minute data dump announcement video with reasonable production quality.

There's a lot of time and effort gone into the group's recent efforts, it's a little bit better than NoName and the like.

Telegram: Handala Backup. Israel thought that with the martyrdom of Naji al-Ali, who was one person, everything would be over, but it was not, and her path continues, as she promised, and even if the main channel is removed, this channel will continue. 🌐 handala-hack.to

Handala are now going after Israeli politician Gabi Ashkenazi.

I think what they’re doing is compromising personal cloud accounts. #threatintel

The journalist looking at Handala Hack Team has been told to stop looking at it.

Handala say they plan to post 2k photos from Benny Gantz’s phone in response to rocket attacks. I think my theory they’re targeting Israel’s politicians’ cloud accounts is looking more likely. #threatintel

Handala appear to have gained access to former Israeli PM Ehud Barak’s personal phone, publishing a series of messages alleging various things and lots of photos and identity documents #threatintel

If you’re reading this thread and thinking ‘why isn’t this mentioned anywhere outside of Gossi The Dog’s toots?’ - that’s a good question. #threatintel

Handala allege they are doing a hack and leak of Soreq Nuclear Research Center in Israel. So far their leak claims have been true, although the document leaks haven’t resembled all of their claims about the contents to the best of my knowledge.

They also claim journalists in Israel have been told not to cover Handala, which I believe has foundation.

The entire cyber industry coverage of a clear Iranian cyber group doing actual cyber activity during a war: #threatintel #handala

Paul Shread

@GossiTheDog Any confirmation on the Vidisco backdoor claims?