However, Handala’s second claim, that it hacked the FBI, seems, for now, speculative. All evidence points to Handala breaking into Patel’s old, personal Gmail account. Handala, widely considered a “hacktivist” front for Iran’s intelligence agency MOIS, suggested on its website that the emails contained classified information, but the messages initially reviewed by WIRED were not related to any government work. However, TechCrunch found that Patel appeared to have forwarded some emails from his Justice Department email account to his Gmail account in 2014.
Handala, which cybersecurity experts described to WIRED as an “opportunistic” hacker group whose cyberattacks and breaches are often calculated more for their propaganda value than their strategic effects, nevertheless made the most of Patel’s embarrassing breach. “To the entire world, we declare: The FBI is just a name, and there is no real security behind this name,” the group wrote in its statement. “If your director can be compromised so easily, what do you expect from your lower level employees?”
Handala hackers put $50 million bounty on Trump and Netanyahu’s heads
For further evidence of Handala’s bombastic rhetoric, see another post on its website from earlier this week (we’re not intentionally linking to it) in which a $50 million reward was offered to anyone who could “eliminate” US President Donald Trump and Israeli Prime Minister Benjamin Netanyahu. “This substantial reward will be awarded directly and securely to any individual or group courageous enough to show true action against tyranny,” the hackers’ statement said, along with an invitation to reach out to any would-be murderers via encrypted messaging app Session. “All our communication and payment channels use the latest encryption and anonymization technologies, your security and privacy are fully guaranteed.”
Handala said the reward was posted last week in response to a statement about Handala published on the U.S. Department of Justice website, which offered $10 million for information leading to the identity or location of anyone who conducts “malicious cyber activities against U.S. critical infrastructure” on behalf of a foreign government.
“Our message is clear: If you really have the will and the strength, come and find us!” Handala wrote in its response. “We are not afraid of any challenge and are ready to respond to every attack with even greater force.”
In another post on its website this week, Handala also claimed that it had defrauded 28 engineers of military contractor Lockheed Martin working in Israel and threatened them with personal harm if they did not leave the country within 48 hours. However, when WIRED attempted to call the phone numbers included in Handala’s leaked data, most of them did not work.
Apple says no device with the Lockdown Mode security feature enabled has been successfully compromised by mercenary spyware in the nearly four years since its launch. Amnesty International’s security lab head, Donncha Ó Cearbhaill, also says his team has seen no evidence of a successful attack against a Lockdown Mode-enabled iPhone. And Citizen Lab, which has documented several successful spyware attacks against the iPhone, says none involved a Lockdown Mode bypass, while in two cases its researchers found the feature actively blocked attacks using NSO Group’s Pegasus and Intellexa’s Predator. Meanwhile, Google researchers have found a spyware strain that skips infection attempts when it detects the feature is enabled.
Lockdown Mode works by disabling commonly used iPhone features, such as most message attachment types, links, and link previews. Incoming FaceTime calls are blocked unless the user has previously called that person within the last 30 days. When the iPhone is locked, it blocks connections with computers and accessories. The device will not automatically join non-secure Wi-Fi networks, and 2G and 3G support is disabled. Apple has also doubled the reward for researchers who discover any Lockdown Mode bypass, including a payment of up to $2 million.