FBI Warns of New Handala Malware Attack Campaign via Telegram
FBI Warns of Sophisticated Hacking Operation Linked to Iranian Government
The United States Federal Bureau of Investigation (FBI) has issued a warning regarding a sophisticated hacking operation linked to the Iranian government’s Ministry of Intelligence and Security (MOIS). The agency reports that Iranian hackers are leveraging the popular messaging app Telegram as command-and-control infrastructure for malware targeting journalists, dissidents, and opposition groups worldwide.
Attribution to Handala Hacktivist Group
The attacks are attributed to the Handala hacktivist group, also known as the Handala Hack Team, Hatef, or Hamsa. The group uses social engineering tactics to infect target devices with Windows malware, which lets the attackers exfiltrate sensitive information, including screenshots and files from compromised computers.
Malware Used for Intelligence Collection and Data Leaks
Domains Seized by FBI
In related news, the FBI recently seized four domains associated with the Handala and Homeland Justice threat groups, as well as a third actor tracked as Karma Below. These domains were used for leaking sensitive documents and data stolen in cyberattacks targeting victims in the US and globally.
Cyberattack on US Medical Giant Stryker
Russian Intelligence-Linked Threat Actors Targeting Signal Users
The FBI has warned about Russian intelligence-linked threat actors targeting Signal users in phishing campaigns that have already compromised thousands of accounts. These actors are targeting individuals of high intelligence value, including current and former US government officials, military personnel, politicians, and journalists.
FBI Urges Network Defenders to Remain Vigilant
The FBI is urging network defenders to remain vigilant and take necessary measures to mitigate the risks of compromise.
