Handala’s second declare, nonetheless—that it hacked the FBI—appears, for now, to be fiction. All proof factors to Handala having breached Patel’s older, private Gmail account. Extensively believed to be a “hacktivist” entrance for Iran’s intelligence company the MOIS, Handala urged on its web site that the emails contained categorized data, however the messages initially reviewed by WIRED didn’t seem like associated to any authorities work. TechCrunch did find, nonetheless, that Patel seems to have forwarded some emails from his Justice Division e mail account to his Gmail account in 2014.
Handala, which cybersecurity consultants have described to WIRED as an “opportunistic” hacker group whose cyberattacks and breaches are sometimes calculated extra for his or her propaganda worth than their tactical impacts, has nonetheless made probably the most of Patel’s embarrassing breach. “To the entire world, we declare: the FBI is only a title, and behind this title, there isn’t any actual safety,” the group wrote in its assertion. “In case your director will be compromised this simply, what do you count on out of your lower-level workers?”
Handala Hackers Put $50 Million Bounty on Trump and Netanyahu’s Heads
For additional proof of Handala’s bombastic rhetoric, look no additional than one other submit on its web site earlier this week (we’re deliberately not linking to it) that supplied a $50 million bounty to anybody who might “get rid of” US president Donald Trump and Israeli prime minister Benjamin Netanyahu. “This substantial prize can be awarded, instantly and securely, to any particular person or group daring sufficient to indicate true motion in opposition to tyranny,” the hackers’ assertion learn, together with an invite to any would-be assassins to achieve out by way of the encrypted messaging app Session. “All our communication and cost channels make the most of the newest encryption and anonymization applied sciences, your security and confidentiality are totally assured.”
That bounty, Handala defined, was posted in reply to a statement about Handala revealed on the US Division of Justice web site final week that supplied $10 million for data resulting in the identification or location of anybody who carries out “malicious cyber actions in opposition to US vital infrastructure” on behalf of a international authorities.
“Our message is evident: In case you really have the desire and the facility, come and discover us!” Handala wrote in its response. “We concern no problem and are ready to answer each assault with even better drive.”
In one more submit on its web site this week, Handala additionally claimed to have doxed 28 engineers at navy contractor Lockheed Martin working in Israel and threatened them with private hurt in the event that they didn’t depart the nation inside 48 hours. When WIRED tried calling the telephone numbers included in Handala’s leaked information, nonetheless, most of them didn’t work.
Apple says no machine with its Lockdown Mode safety function enabled has ever been efficiently compromised by mercenary adware within the practically 4 years since its launch. Amnesty Worldwide’s safety lab head, Donncha Ó Cearbhaill, additionally says his staff has seen no proof of a profitable assault in opposition to a Lockdown Mode–enabled iPhone. And Citizen Lab, which has documented a number of profitable adware assaults in opposition to iPhones, says none contain a Lockdown Mode bypass, whereas in two circumstances its researchers discovered the function actively blocked assaults in opposition to NSO Group’s Pegasus and Intellexa’s Predator. Google researchers, in the meantime, discovered one adware pressure that merely abandons an infection makes an attempt when it detects the function is enabled.
Lockdown Mode works by disabling generally exploited iPhone options, equivalent to most message attachment varieties and options like hyperlinks and hyperlink previews. Incoming FaceTime calls are blocked except the consumer has beforehand known as that individual inside the previous 30 days. When the iPhone is locked, it blocks connections with computer systems and equipment. The machine won’t routinely be a part of nonsecure Wi-Fi networks, and 2G and 3G assist is disabled. Apple has additionally doubled bounties for researchers who detect any Lockdown Mode bypass, with payouts as much as $2 million.
