Photo by Steve Buissinne/Pixabay
A hacker group motivated by the death of former Hamas leader Yahya Sinwar claimed to have targeted Israel’s national intelligence agency Mossad and obtained a trove of documents that purportedly name hundreds of Israeli spies.
The hacker group is operating under the name Handala, a tribute to a cartoon character of a 10-year-old Palestinian boy who has become a symbol of Palestinian defiance against Israeli occupation. Advertisement
Writing on Telegram, the hacker group claimed Sunday to have been secretly present on the network of Silicom, an Israeli company that it alleges is a front for Mossad’s Unit 8200.
“In all the assassinations and crimes of recent months, the 8200 unit has always played a very active role in them! The crimes of this unit are not hidden from anyone! But its members must realize today that they will no longer be safe!” the hackers wrote.
The hackers alleged that all key members and senior managers of the company are high-ranking secret officers of Unit 8200 and that they would soon publish their identities.
Handala published videos purporting to show inside the management security panel for Unit 8200 and claimed to have obtained some 40 terabytes of information from their servers, including emails and administrative and financial documents. Advertisement
“You just saw a small part of our cyber power! Your most secure servers have always been available to us!” the hack group said, adding it would begin to leak the documents soon.
UPI has not independently verified the Silicom hack but the cybersecurity magazine Cyber Express noted last month that attacks by Handala, which it described an “Iran-linked threat actor,” have “so far gone relatively unnoticed.”
Cybersecurity researcher Kevin Beaumont confirmed in a blog post last month that at least some of Handala’s prior claims may be true.
At the time, Handala claimed to have discovered a backdoor in scanners from the firm Vidisco that allowed explosives used in pager attacks in Lebanon to go undetected. Beaumont confirmed that Vidisco was breached by a group that was also conducting data exfiltration.
“As far as I’m aware there is nothing linking either Vidisco or IIB to battery attacks – however it is clear Handala have gained access to Vidisco’s network,” Beaumont wrote. “Vidisco equipment provides security scanning of the objects at the border of many nations, so this is obviously a big problem.”
Cybersecurity companies like Constella have also taken notice of the alleged hacks carried out by Handala in recent months, confirming that the hacker group compromised some 50,000 emails from Ron Prosor, a former senior officer in Mossad who is now Israel’s ambassador to Germany. Advertisement
“The leaked emails expose sensitive diplomatic communications, potentially affecting Israel’s foreign relations,” Constella said in its blog post. “This breach also highlights Handala’s aggressive tactics, as they included personal threats against Prosor, claiming constant surveillance over his activities.”
In all, Handala is believed to have possibly breached a number of Israeli companies and agencies including Shin Bet, the Soreq Nuclear Research Center, and the emails of Benny Gantz, the former Israeli defense minister.