FBI Seizes Iranian Hacktivist Group Websites After Stryker Cyberattack

FBI Seizes Iranian Hacktivist Group Websites After Stryker Cyberattack

First seen 19 Mar 2026, 16:43 UTC TechcrunchBleepingcomputerMlq.AiNbcnewsUk.Pcmag+13 84% similarity 77.0

Article Content

Browse articles
ThreatCluster

The FBI has seized two websites linked to the Iranian hacktivist group Handala following their cyberattack on Stryker Corporation, a U.S. medical technology firm. The attack, which occurred on March 11, 2026, involved the hackers gaining access to an internal administrative account and wiping data from approximately 80,000 devices using Microsoft Intune commands. The seized domains were used for doxing individuals linked to Israeli defense firms and for promoting the group's activities. The FBI's action is part of a broader effort to disrupt Iranian state-sponsored cyber operations. Handala has acknowledged the seizures and claimed they will continue their operations through new channels. The attack on Stryker disrupted the company's order processing, manufacturing, and shipping operations. The FBI's seizure notices indicate these domains were involved in malicious cyber activities on behalf of a foreign state actor.

Key Points: • The FBI seized two Handala websites after a destructive cyberattack on Stryker Corporation. • Handala wiped data from approximately 80,000 devices using Microsoft Intune commands. • The seizure is part of ongoing U.S. efforts to disrupt Iranian state-sponsored cyber activities.

ThreatCluster AI

Timeline

2026-03-11
Handala conducts cyberattack on Stryker Corporation.
2026-03-19
FBI seizes two Handala websites linked to the cyberattack.
2026-03-19
Justice Department announces seizure of four domains linked to Iranian cyber operations.

Community

Browse all →