⏱ 2 min read
The Islamic Republic of Iran’s Ministry of Intelligence and Security (MOIS) has been disrupting the US with cyber-enabled psychological operations. In Maryland, the MOIS used four domains – Justicehomeland[.]org, Handala-Hack[.]to, Karmabelow80[.]org, and Handala-Redwanted[.]to – to claim credit for hacking activity, post sensitive data, and call for the killing of journalists, regime dissidents, and Israeli persons. The domains were seized as part of an ongoing effort to disrupt hacking and transnational repression schemes. The MOIS used the Handala-hack[.]to domain to claim credit for a March 2026 destructive malware attack against a U.S.-based multinational medical technologies firm.
Attorney General Pamela Bondi stated that terrorist propaganda online can incite real-world violence, and the seized network of Iranian-backed sites will no longer broadcast anti-American hate. FBI Director Kash Patel added that Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents, but the FBI will hunt down every actor behind these cowardly death threats and cyberattacks.
Assistant Attorney General for National Security John A. Eisenberg noted that Iran, the leading state sponsor of terrorism worldwide, used the seized domains to dox and harass dissidents and journalists, incite violence against Jewish communities, and spread Tehran’s anti-American propaganda. The National Security Division is committed to dismantling these operations.