ADVERTISEMENT

FBI seizes Iran-linked Handala websites after Stryker hack that delayed surgeries

The FBI on Thursday seized four websites tied to Handala and a broader Iranian cyber campaign, after the pro-Iranian hacking group claimed last week’s cyberattack on medtech giant Stryker that disrupted hospital operations.

FBI Handala seizure banner

Image by the Federal Bureau of Investigation

Stefanie Schappert
Stefanie Schappert Senior Journalist
Mar 19, 2026 Updated: 20 March 2026 5 min read
Key takeaways:
Handala FBI seized with web address
An FBI seizure banner now replaces the Handala website after authorities took control of the domain on March 19th, 2026. Image by the Federal Bureau of Investigation
Handala logo
Handala logo. Image by Cybernews via Handala Telegram channel

DOJ ties seizure to Iran cyber operations

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

Handala responds, but the comeback stalls

Handala FBI seizure nameservers
Handala responded with a statement on Telegram after the FBI seized its websites. Image by Cybernews via Handala Telegram channel
ADVERTISEMENT
Handala promotes new website
Handala tells followers it is already rebuilding new infrastructure. Image by Cybernews via Handala Telegram channel

How Handala got here

Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.
SOCRadarHandala
Image by SOCRadar.
Handala Stryker post
Handala’s leak site entry claims responsibility for the Stryker cyberattack. Image by Cybernews via Handala leak site
Handala Stryker cyberattack update
Stryker provides customer updates after the cyberattack disrupted parts of its network. Image by Cybernews via stryker.com
CISA Microsoft Advisory
CISA issued an alert on March 18th warning US organizations that attackers may be targeting Microsoft endpoint management systems. Image by Cybernews via cisa.gov

ADVERTISEMENT