Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
https://thehackernews.com/2026/03/iran-linked-hackers-breach-fbi.html
Publish Date: 2026-03-28 11:40:00
Source Domain: thehackernews.com
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet.
Handala Hack Team, which carried out the breach, said on its website that Patel “will now find his name among the list of successfully hacked victims.” In a statement shared with Reuters, the FBI confirmed Patel’s emails had been targeted, and noted necessary steps have been taken to “mitigate potential risks associated with this activity.”
The agency also said the published data was “historical in nature and involves no government information.” The leak includes emails from 2010 and 2019 allegedly sent by Patel.
Handala Hack is assessed to be a pro-Iranian, pro-Palestinian hacktivist persona adopted by Iran’s Ministry of Intelligence and Security (MOIS). It’s tracked by the cybersecurity community under the monikers Banished Kitten, Cobalt Mystique, Red Sandstorm, and Void Manticore, with the group also operating another persona called Homeland Justice to target Albanian entities since mid-2022.
A third persona linked to the MOIS-affiliated adversary is Karma, which is said to have been likely completely replaced by Handala Hack since late 2023.
Data gathered by StealthMole has revealed that Handala’s online presence extends beyond messaging platforms and cybercrime forums like BreachForums to publicize its activities, maintaining a layered infrastructure that includes surface web domains, Tor-hosted services, and external file-hosting platforms such as MEGA.
“Handala has consistently targeted IT and service providers in an effort to obtain credentials, relying largely on compromised VPN accounts for initial access,” Check Point said in a report published this month. “Throughout the last months, we identified hundreds of logon and brute-force attempts against organizational VPN infrastructure linked to Handala-associated…
