Void Manticore, also known as Handala or Storm-0842[1]/Storm-1084 or COBALT MYSTIQUE,[2] is a hacking group based in the Middle East that has claimed responsibility for cyberattacks against Albania, Israel and the U.S.[3][2] Its name is a reference to Handala, a prominent national symbol and personification of the Palestinian people.
They have claimed responsibility for more than 20 hack-and-leak operations.[4] They have deployed ransomware and DDoS attacks, as well as “wiper” attacks in which massive amounts of data are wiped from servers.[5] They operate under Iran’s Ministry of Intelligence and Security (MOIS) and first surfaced in July 2022 with destructive cyberattacks against Albania’s e-government systems.[6] Their tools include bespoke wiper malware called Cl Wiper and No-Justice.[1][7]
"It's not Handala – it's four groups with four different names, and they operate under one intelligence ministry," Gil Messing, chief of staff at Check Point, told Haaretz.[4]
HivePro reports that "It has targeted government agencies and critical infrastructure across Israel, United States, Albania, Jordan, and Gulf States, focusing on sectors including oil and gas, energy, telecommunications, defense, NGOs, media, think tanks, IT service providers, education, transportation, airlines, maritime, and healthcare."[6]
During the 2026 Iran war, Void Manticore's Handala persona claimed responsibility for a data-wiping attack against Stryker Corporation, a global medical technology company based in Michigan.[8] Stryker's information systems and business applications were disrupted, according to the company's March 11 SEC filing.[9] The U.S. Federal Bureau of Investigation responded by taking down four websites linked to the group.[10][4]
Handala Hack Group also took credit for hacking into FBI Director Kash Patel's personal email on March 27, 2026.[11]
References
- Ravie Lakshmanan (20 May 2024). "Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel". thehackernews.com.
- Andy Piazza; Eric Goldstrom; Steve Elovitz (12 March 2026). "Insights: Increased Risk of Wiper Attacks". unit42.paloaltonetworks.com.
- CFR Cyber Operations (May 2024). "Storm-842". Council on Foreign Relations.
- Omer Benjakob (21 March 2026). "The FBI Took Down Iranian Hackers Trolling Israel for Years. Now They're Back - National Security & Cyber". haaretz.com.
- Nick Lichtenberg, ed. (18 March 2026). "Every Fortune 500 CEO's nightmare: The Iran War and the Pandora's Box of AI cyber warfare". fortune.com.
- "Void Manticore: Iran's Evolving Cyber Warfare Model | Hive Pro".
- "'Handala Hack' - Unveiling Group's Modus Operandi". 12 March 2026.
- "Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker – Krebs on Security". 11 March 2026.
- "Iran-linked medical device cyberattack is contained, says Stryker | Healthcare IT News".
- "FBI shuts down hacktivist websites following Stryker cyberattack | Healthcare IT News".
- Winter, Jana; Vicens, A.J. (March 27, 2026). "Iran-linked hackers breach FBI director's personal email, publish photos and documents". Washington, D.C.: Reuters. Retrieved June 13, 2026.
