Handala is a threat actor attributed to PS. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Handala exploit?

Specific CVE exploitation data for Handala is being tracked. Check the Strobes VI threat actor profile for updates.

Handala

Exploited CVEs

Overview

Handala is a pro-Palestinian hacktivist group that targets Israeli organizations, employing tactics such as phishing, data theft, extortion, and destructive attacks using custom wiper malware. The group utilizes a multi-stage loading process, including a Delphi-coded second-stage loader and an AutoIT injector, to deliver wiper malware that specifically targets Windows and Linux environments. Their phishing campaigns often exploit major events and critical vulnerabilities, masquerading as legitimate organizations to gain initial access. Handala operates a data leak site to publicize stolen data, although claims of successful attacks are sometimes disputed by targeted organizations.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database