Ransomware group handala hits Handala’s attack on Israeli organizations
Handala’s attack on Israeli organizations — a public sector target operating in IL has been listed by the handala ransomware group on 2024-07-21. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | Handala’s attack on Israeli organizations |
|---|---|
| Threat Group | handala |
| Summary | Handala’s attack on Israeli organizations Yesterday, after the problem occurred in CrowdStrike, Handala started a targeted phishing campaign ( https://twitter.com/x/status/1814658084460957890) using his dedicated wiper and FUD against thousands of Zionist organizations! So far, dozens of Zionist organizations have lost more than several terabytes of their data, and INCD (https://www.gov.il/he/pages/alert200724) is still unaware of a significant part… |
| Date of Breach | 2024-07-21 |
| Discovery Date | 2024-07-21 |
| Region | IL |
| Target Domain | — |
| Business Sector | Public Sector |
| Severity | MEDIUM |
Claim by handala
Handala’s attack on Israeli organizations Yesterday, after the problem occurred in CrowdStrike, Handala started a targeted phishing campaign ( https://twitter.com/x/status/1814658084460957890) using his dedicated wiper and FUD against thousands of Zionist organizations! So far, dozens of Zionist organizations have lost more than several terabytes of their data, and INCD (https://www.gov.il/he/pages/alert200724) is still unaware of a significant part…
Posted by the handala threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Leak post (onion / Tor)
https://handala.to/handalas-attack-on-israeli-organizations/
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.