Handala Hacker Group Targets Israeli High-Tech and Aerospace Professionals in Escalating Cyber Campaign
In a significant escalation of cyber hostilities, the Handala hacker group has initiated a targeted campaign against Israeli professionals in the high-tech and aerospace sectors. This operation marks a concerning shift from traditional propaganda to active doxxing and intelligence gathering against private-sector employees.
Public Exposure and Bounty Offers
Handala has publicly released a list of individuals employed in critical Israeli industries, accompanied by hostile descriptions that falsely label them as criminals. The group disseminated this dataset through their dark web platform and has offered financial rewards to those who can provide additional information about the targeted individuals. This bounty-style approach effectively crowdsources intelligence collection, amplifying the threat beyond the initial data leak and endangering ordinary professionals.
Data Collection and Manipulation Techniques
Security researchers at Trustwave identified this activity during ongoing dark web monitoring operations. Their analysis revealed that the published dataset heavily relies on information scraped from LinkedIn profiles. However, several inconsistencies were noted, including individuals who had left their listed companies years ago, employees in non-sensitive roles, and profiles with no verifiable connection to the high-tech sector. This suggests that Handala may be supplementing legitimate LinkedIn data with fabricated entries or information from unverifiable sources, inflating their target list while maintaining a veneer of authenticity.
Implications and Recommendations
The indiscriminate nature of this data collection demonstrates how publicly available information can be weaponized at scale. By framing ordinary workers as criminal targets and pairing this with financial incentives for additional intelligence, Handala has created a dangerous mechanism that poses direct risks to the privacy, safety, and professional reputations of legitimate employees.
Security experts recommend heightened personal data hygiene, continuous monitoring for identity-related threats, and organizational awareness programs to protect against similar targeting campaigns in the future.
