Skip to content

Iran-linked Hackers Attack Medical Technology Company Stryker with Wiper Attack

Bottom Line: The Iran-linked hacker group Handala attacked medical technology company Stryker with a wiper attack, deleting data from over 200,000 systems. The attack affected offices in 79 countries. Handala justified the action as retaliation for a U.S. airstrike on an Iranian school in February with massive casualties.

A hacker group named Handala, close to Iranian intelligence, carried out a data-wiping attack on medical technology company Stryker. The Michigan-based company subsequently had to send tens of thousands of employees home, with offices in 79 countries being shut down.

The hacker group Handala (also known as Handala Hack Team) has claimed responsibility for a massive cyberattack on Stryker. According to their own statements, data from over 200,000 systems, servers, and mobile devices were deleted. The company headquartered in Kalamazoo, Michigan, with 56,000 employees in 61 countries and annual revenues of 25 billion dollars, is counted among the world’s leading providers of medical and surgical equipment.

Handala justified the attack as retaliation for an airstrike in February on an Iranian school in which at least 175 people, mostly children, were killed. The New York Times reports that a military investigation identified the United States as the cause of the Tomahawk missile strike.

Security researchers from Palo Alto Networks attribute Handala to Iranian intelligence service MOIS and suspect that the group is one of several online identities of the actor Void Manticore, who is also connected to Iranian intelligence. Handala first appeared in late 2023. In a statement on Telegram, the group declared: “All acquired data is now in the hands of the free people of the world, ready to be used for true human progress and the exposure of injustice and corruption.”

Share on:
Tags: