What is Handala Hack?

Iranian threat actor Void Manticore, behind wiper attacks and data leaks via personas like Homeland Justice.

How does Handala Hack operate?

They infiltrate, exfil data, deploy disk-wipers, then leak online for propaganda—targeting Middle East foes.

Is Handala Hack linked to Iran government?

Strong indicators via tooling, timing, and motives point to IRGC sponsorship, per Check Point.

Handala Hack: Iran's Destructive Leak Machine Exposed

Iran's Handala Hack group doesn't just steal data—they wipe systems and leak secrets with surgical precision. Check Point's deep dive reveals a playbook that's equal parts chaos and calculation.

theAIcatchup Apr 08, 2026 4 min read

Check Point Research graphic detailing Handala Hack operations and timelines

⚡ Key Takeaways

Handala (Void Manticore) blends destructive wipers with public leaks for maximum geopolitical impact. 𝕏
Ops ramped up mid-2022 via Homeland Justice persona, targeting Israel, Saudi, Kurds. 𝕏
Expect Western escalation; defenses need intel-sharing and behavioral detection. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

#Handala Hack #Iranian APT #Void Manticore #wiper malware

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by Check Point Research

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

Iranian Hackers Erase Stryker's Digital Lifeline: Medtech's Nightmare Begins

Iran's Hackers Swap Wipers for Identity Strikes

Iranian Hackers Raid FBI Director's Gmail: Personal Pics and Payback

Wiper Attacks from Iran: The Digital Eradication Wave Hitting Now

Stay in the loop