On Friday, an Iranian state-sponsored cybercriminal collective known as “Handala” announced that it had broken into the private email account of FBI chief Kash Patel.
On its website, Handala posted multiple photographs of a clearly younger Patel, alongside a link to a collection of data that appears to have originated from Patel’s private Gmail address.
TechCrunch verified that some of the emails published by Handala came from what was purportedly Patel’s Gmail account by checking data embedded in the message headers. These headers include details supplied by the sender that help email systems verify that a message is authentic and not a forgery.
We used a tool to verify multiple emails in the leaked data that Patel sent from his Gmail address. These emails carried cryptographic signatures that matched their contents, which strongly suggests that the messages we examined are genuine. In some cases, Patel appears to have forwarded emails from his official FBI email address to his private Gmail account. TechCrunch found that the messages from Patel’s FBI account also showed signs of authenticity.
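The check described above is consistent with DKIM (RFC 6376), although the article does not name the mechanism. As an added example that is not TechCrunch's tool, this Python sketch performs the body-hash half of DKIM verification: it recomputes the canonicalized body hash and compares it with the `bh=` tag in the signature header. Verifying the `b=` signature itself also requires the signer's public key from DNS and is not shown; the sample message, domain and selector are constructed.

```python
import base64, hashlib, re

def parse_tags(value: str) -> dict:
    """Split a DKIM-Signature value into tag=value pairs (folding whitespace dropped)."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def canonicalize_body(body: bytes, mode: str) -> bytes:
    """RFC 6376 body canonicalization: section 3.4.3 (simple), 3.4.4 (relaxed)."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":  # collapse runs of space/tab, drop them at line end
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":  # empty lines at the end are ignored
        lines.pop()
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, mode: str) -> str:
    digest = hashlib.sha256(canonicalize_body(body, mode)).digest()
    return base64.b64encode(digest).decode()

def body_hash_matches(raw: bytes) -> bool:
    """True if the body still hashes to bh= in the first DKIM-Signature header."""
    head, _, body = raw.partition(b"\r\n\r\n")
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", head).decode("ascii", "replace")
    for line in unfolded.split("\r\n"):
        name, _, value = line.partition(":")
        if name.strip().lower() == "dkim-signature":
            tags = parse_tags(value)
            break
    else:
        return False  # unsigned message: nothing to check
    if tags.get("a") != "rsa-sha256" or "bh" not in tags:
        return False  # this sketch handles SHA-256 signatures only
    if "l" in tags:
        return False  # l= covers only part of the body; treat as unverified
    # c= is "header/body"; the body algorithm defaults to "simple" when omitted
    mode = (tags.get("c", "simple/simple").split("/") + ["simple"])[1]
    return body_hash(body, mode) == tags["bh"]

# Constructed sample: example.com, selector sel1 and the b= value are placeholders.
# bh= is computed from the canonical form, so the raw body's extra whitespace and
# trailing blank lines must be normalized away for the check to pass.
SAMPLE = (b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com;\r\n"
          b" s=sel1; h=from:subject; bh="
          + body_hash(b"Meeting moved to 3pm\r\n", "simple").encode()
          + b"; b=PLACEHOLDER\r\nFrom: a@example.com\r\nSubject: test\r\n\r\n"
          + b"Meeting moved  to\t3pm \r\n\r\n\r\n")

if __name__ == "__main__":
    print(body_hash_matches(SAMPLE))                  # untouched body
    print(body_hash_matches(SAMPLE + b"appended\r\n"))  # body altered after signing
```

A matching body hash shows only that the body is the one the signature header refers to; authenticity still depends on the `b=` signature verifying against the signing domain's published key.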
Neither the FBI nor the Department of Justice immediately responded to a request for comment.
Reuters, which first reported the email compromise, said that a Justice Department official confirmed the intrusion.
Get In Touch
Do you have more information about this alleged compromise of Kash Patel’s data? From a personal, non-work device, you can contact Lorenzo Franceschi-Bicchierai confidentially on Signal at +1 917 257 1382, or via Telegram, Keybase, and Wire @lorenzofb, or by email.
TechCrunch sent messages requesting verification to Patel’s Gmail address, as disclosed by the hackers, as well as an SMS text to a mobile number found in a résumé apparently belonging to Patel. We did not receive an immediate reply.
Since February, when the U.S.-Israeli conflict targeting Iran began, the Iran-affiliated Handala group has stepped up its attacks, most notably claiming responsibility for a destructive attack on healthcare technology giant Stryker that wiped data from tens of thousands of employee devices. The hackers have also published the personal details of numerous individuals purportedly affiliated with the Israeli Defense Forces and domestic defense contractors.
After the Stryker attack, the FBI seized a small number of Handala’s websites, which promptly reappeared online under new domain names. U.S. authorities have formally charged Iran’s Ministry of Intelligence and Security (MOIS) with orchestrating the Handala group.
The hackers did not respond to TechCrunch’s request for comment, which was sent to a chat account that the attackers advertise on their website and to an email address belonging to the group that the Justice Department previously disclosed.

