Handala launches influence campaign against US troops, exposes data

SecurityWeek reports that U.S. troops stationed in Bahrain have been subjected to a WhatsApp-based influence operation by the Iran-nexus threat operation Handala earlier this week.

Handala, also known as Handala Hack, Storm-0842, Banished Kitten, Red Sandstorm, and Void Manticore, delivered messages warning of ongoing surveillance and imminent drone and missile targeting of service members. Moreover, the group, which the U.S. recently tied to Iran's Ministry of Intelligence and Security, also touted the exposure of personal details belonging to 2,379 U.S. Marine Corps members serving in the Persian Gulf. Both developments come as Handala has ramped up cyber intrusions against U.S. organizations and military personnel since the conflict in Iran commenced in late February.

Attacks by the hacking group, which have already targeted leading U.S. medical device firm Stryker and FBI Director Kash Patel, involved social engineering tactics, data wipers, and commercial tools.

"The shift toward directly threatening military personnel through personal communications channels shows it is willing to move beyond corporate or infrastructure targets," said SOCRadar.