Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destructive wiping attacks combined with “hack and leak” operations. The threat actor operates several online personas, with the most prominent among them being Homeland Justice, maintained from mid-2022 specifically for multiple attacks against government, telecom, and other...
The strongest version of this narrative presents Handala Hack as a persistent and adaptive threat actor with clear ties to Iranian state interests. The analysis is thorough, providing detailed technical insights into the group's TTPs, infrastructure, and operational evolution. It acknowledges the group's declining operational security while highlighting its continued effectiveness in destructive attacks. The inclusion of IOCs and TTPs adds practical value for defenders, and the historical contex...