Main points
- The pro-Iranian hacking group Handala hacked the personal email of FBI Director Kash Patel, publishing the stolen data.
- The US has announced a reward of up to $10 million for information on the hackers involved in the attack.
Hunting for Handala: US ready to pay millions for data on Iranian hackers / Collage 24 Channel/Unsplash/Freepik
The pro-Iranian hacking group Handala last week claimed to have successfully hacked into the personal email account of FBI Director Kash Patel. The attackers posted some of the stolen data online in an attempt to demonstrate the vulnerability of even the highest-ranking officials in the United States.
In their messages, the hackers ironically noted that now the name of the person who heads the country's main intelligence agency has appeared on their list of successful hacks. In response, the US State Department announced its readiness to pay a significant reward for help in identifying the cybercriminals who attacked the high-ranking official, writes 24 Kanal .
What data ended up online?
Among the leaked materials were photos of Patel from a decade ago. In the pictures, the current FBI director is seen posing next to an antique sports car, smoking a cigar or holding a large bottle of rum, Axios reported. In addition to the visual content, the hackers also made public his old-style resume and documents related to private travel and tax returns.
An analysis of the correspondence showed that the bulk of the messages date from 2012 to 2019. In particular, receipts for airline tickets, train tickets, and hotels, as well as information from real estate agents regarding apartment rentals in Washington, D.C., were leaked online.
The Federal Bureau of Investigation responded quickly to the situation, confirming the fact of an attack on the personal email of its director. Representatives of the agency assured that all necessary measures were taken to minimize possible risks, Fortune previously wrote.
The bureau's official position is that the stolen information is exclusively historical in nature and does not contain any classified data that would relate to current government activities or FBI operational plans.
Why was Handala attacked?
This attack was Handala's response to the actions of the US authorities. Earlier, the US Department of Justice announced the seizure of four web domains used by this group for cyber schemes and intimidation of dissidents. The hackers directly stated that their actions were revenge for the blocking of resources and the reward announced for their heads.
In addition to hacking an official's email, Handala recently claimed responsibility for a systems failure at Stryker, a large medical technology company based in Michigan, in retaliation for alleged U.S. strikes that killed civilians in Iran.
How much do they pay for information?
In response to the attackers' activity, the U.S. Department of State, through its Rewards for Justice program, has announced a reward of up to $10 million for any information leading to the identification or location of members of the Handala and Parsian Afzar Rayan Borna groups.
The government is interested in the hackers' real names, their online aliases, and their exact location. The authorities promise complete anonymity, secure communication channels via the Signal messenger, and, if necessary, assistance with moving to another country for informants.
Who is the customer?
Experts note that such proxy groups are often used by Iranian intelligence to conduct destructive operations, as this allows official Tehran to deny its involvement.
Although Handala sometimes exaggerates the scale of his successes, the hacking of the FBI director's email demonstrates the seriousness of Iranian cyber actors' intentions to continue their campaign of destabilization and chaos in the information space.