Iran-linked group Handala hacked FBI Director Kash Patel's personal email account

Iran-linked hacking group Handala claims it breached FBI Director Kash Patel's personal Gmail account and shared alleged data, including photos and files. The FBI confirmed it is aware of the incident and has taken steps to mitigate risks, stressing that the exposed material is old and does not involve any government or classified information.

"The FBI is aware of malicious actors targeting Director Patel's personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity," reads a statement issued by an FBI spokesman. "The information in question is historical in nature and involves no government information."

Handala hacking group: "Soon you will realize that the FBI's security was nothing more than a joke." pic.twitter.com/PsG01nENLf

Analysis of leaked data confirms that several emails attributed to Kash Patel's Gmail account are authentic. Some emails were also sent from his former Justice Department account in 2014 and appear genuine.

TechCrunch verified that some leaked emails attributed to Kash Patel's Gmail account are authentic by analyzing message headers, which confirm the sender and help detect spoofed emails.

The exposed files largely date back to around 2019.

The FBI is offering up to $10 million for information on the Handala hackers.

Since the US-Israeli war with Iran began in February, the Iran-linked group Handala has intensified its cyberattacks. It claimed responsibility for a destructive breach at medical tech firm Stryker that targeted its internal Microsoft environment and remotely wiped tens of thousands of employee devices without using malware.

The group claimed it wiped more than 200,000 servers, mobile devices, and other systems, forcing the company to shut down offices across 79 countries. The hacktivists also claimed they exfiltrated about 50TB of corporate data from the company's infrastructure.

Handala appears as a pro-Palestinian hacktivist group but is widely seen as a front for Iran-backed Void Manticore, as reported by SecurityWeek. Known for phishing, data theft, extortion, and destructive wiper attacks, they also engage in info operations and psychological warfare. Since the Iran conflict began, they've targeted Israeli military servers, intelligence officers, and companies, stealing or wiping data.

The Justice Department accused Iran's Ministry of Intelligence and Security (MOIS) of operating the Handala group.

Ironically, the FBI director recently said that "Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents. We took down four of their operations pillars and we're not done. This FBI will hunt down every actor behind these cowardly death threats and cyberattacks and will bring the full force of American law enforcement down on them."

However, he was reportedly unable to protect his own email account.

At this stage, it remains unclear how the FBI Director's email account was compromised and whether it was protected by at least two-factor authentication. It is also not known if Google had previously issued any warnings to government officials about potential state-sponsored attacks, as it has done in past cases.

Pierluigi Paganini

(SecurityAffairs - hacking, FBI director)