Handala (also known as Handala Hack Team, Hatef, Hamsa) is a pro-Palestinian hacktivist group first observed in December 2023. Its operations focus on politically motivated cyber campaigns targeting Israeli entities and organizations associated with Israel globally. Handala employs destructive tactics—primarily using multi-stage wiper malware that affects both Windows and Linux systems—alongside data theft and public exposure through leak sites. They are also known for orchestrating phishing campaigns that masquerade as legitimate alerts (e.g., spoofing CrowdStrike), followed by disabling defenses, injection via AutoIT or Delphi loaders, and destructive payload deployment.
This group has no curated TTPs.
Defensive detection signature for this group (use it in your EDR/SIEM). Source: ransomware.live.
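```yara
/*
   Handala hacktivist group
*/
rule Handala_Note
{
    meta:
        author = "ransomware.live"
        family = "ransomware.handala"
        description = "Detects Handala hacktivist group note"
        date = "2026-05-04"
        severity = 7
        score = 70
    strings:
        // Case-insensitive group name. Because of nocase, $s1 also matches
        // wherever $s2 or $s3 match.
        $s1 = "Handala" ascii nocase
        $s2 = "HANDALA" ascii
        // Leak-site hostname marker
        $s3 = "handala.onion" ascii nocase
    condition:
        // Fires on any file that contains the group name, so reports and
        // articles that merely mention Handala match too; triage hits.
        any of them
}
```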
Hotam EC Hacked To the founders and executives of Hotam, We don’t need introductions. You need to understand one thing: your infrastructure is no longer your own. From internal communications to client portfolios, decision-support models, risk-control systems, and sensitive investor data, we have accessed, extracted, and duplicated everything. Your clients trust you with billions.…
Aerodreams has been compromised They used to fly for the Air Force, now they hide behind Aerodreams. A silent front for sensitive drone programs, elite pilot training, and covert logistics. What they thought was untouchable… has already been breached. 400 gigabytes of internal data are in our hands, and soon, in everyone else’s.…
| Organization | Country | Sector | Group | Discovered |
|---|---|---|---|---|
| Hotam EC | EC | Business Services | — | 30 Jun 2025 |
| Aerodreams | AR | Transportation/Logistics | — | 14 Jun 2025 |
The addresses of the leak sites (.onion) are known but are not published or linked. Only public metadata is shown.