The FBI seized and took down two websites linked to the pro-Iranian hacktivist group Handala, which last week claimed responsibility for a destructive cyberattack<\/a> against the U.S. medical tech giant Stryker.\u00a0<\/p>\n As of Thursday, the contents of a website where Handala publicized its hacks, as well as another website that the group used to dox dozens of people over their alleged ties to the Israeli military and defense contractors, such as Elbit Systems and NSO Group, were replaced by a banner announcing the law enforcement action.\u00a0<\/p>\n The seizure announcement did not say why the FBI and the Justice Department took down the websites. But the language in them appears to indicate U.S. authorities believed these sites were run by hackers linked to a foreign government.<\/p>\n \u201cLaw enforcement authorities determined this domain was used to conduct, facilitate, or support malicious cyber activities on behalf of, or in coordination with, a foreign state actor,\u201d read the seizure announcement. \u201cThe United States Government has taken control of this domain to disrupt ongoing malicious cyber operations and prevent further exploitation.\u201d<\/p>\n TechCrunch confirmed the website\u2019s seizure by examining its nameserver records, which now point to servers controlled by the FBI.\u00a0<\/p>\n The FBI and the Justice Department did not immediately respond to TechCrunch\u2019s request for comment.<\/p>\n In a series of announcements posted on the group\u2019s official Telegram channel on Thursday, Handala acknowledged its websites were taken offline, calling the seizures \u201ca desperate attempt to silence our voice.\u201d<\/p>\n \u201cThis act of digital aggression only serves to highlight the fear and anxiety our actions have instilled in the hearts of those who oppress and deceive,\u201d the hackers wrote. \u201cAlthough they attempt to erase the evidence and hide their crimes through censorship and intimidation, their actions only confirm the impact of our mission. The pursuit of justice cannot be stopped by taking down a website, the movement for truth will persist and grow stronger.\u201d<\/p>\n Handala\u2019s X account<\/a> was also recently suspended.<\/p>\n The group did not respond to a message sent to their official chat account.\u00a0<\/p>\n Handala has been active<\/a> at least since the October 7, 2023 attacks by Hamas, and is believed to have ties with the Iranian regime. Last week, the group claimed the attack on U.S. medical company Stryker, which has over 56,000 employees across dozens of countries. The hackers said the hack was in retaliation for the U.S. government missile strike<\/a> that hit an Iranian school, killing at least 175 people, most of them children.\u00a0<\/p>\n Last year, Stryker signed a $450 million contract<\/a> to supply medical devices to the Department of Defense.<\/p>\n Handala reportedly broke into an internal Stryker administrator account, gaining near-unlimited access<\/a> to the company\u2019s Windows network. At that point, the hackers allegedly took over Stryker\u2019s Intune dashboards, a tool that was designed to allow the company to manage employee laptops and mobile devices remotely, which included the ability to delete data.\u00a0<\/p>\n With access to these dashboards, the hackers were reportedly able to wipe devices owned by both the company and its own employees.\u00a0<\/p>\n![\"A](\"https:\/\/techcrunch.com\/wp-content\/uploads\/2026\/03\/handala-hackers-fbi-website-seizure.png?w=680\")