Inside the Tehran-Linked 'Faketivist' Hacking Group Handala

Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage Mathew J. Schwartz (euroinfosec) • March 12, 2026

A Iranian hacking group that took credit for hacking a medical device manufacturer and a payment processing device maker has a history of wiper attacks, hack-and-leak campaigns and advancing Tehran's agenda through psychological operations.

See Also: Why HSMs Are Critical to Digital Asset Security

Going by the moniker "Handala," the group appears to be run out of Iran's Ministry of Intelligence, according to cybersecurity threat intel sources who track it under a variety of names, including Banished Kitten, Storm-0842 and Void Manticore.

Check Point Software in a Tuesday report said the Iranian nation-state hacking group Void Manticore "is one of the most active groups pursuing strategic objectives through cyber operations" on ...