Iranian-linked hackers release private messages stolen in latest cyberattack
In the latest cyberattack related to the war in Iran, the Iranian-linked hacker group Handala has leaked what it claims are the private communications of a top Israeli political analyst.
On Monday, the hackers released messages from WhatsApp and X purportedly belonging to Raz Zimmt, director of the Iran and the Shiite Axis research program at the Institute for National Security Studies (INSS) in Tel Aviv.
“Once again, you ignored our warnings, and now you’re facing the consequences,” the hackers wrote. “We repeatedly told you that your only way out was to leave the Israeli National Security Institute, but you underestimated us.”
On its website, INSS says it is an independent think tank with the goal of “influencing Israel’s long-term national security policy.” Zimmt served more than two decades in the Israeli Defense Forces, where he was “a veteran Iran watcher,” according to the INSS website. He also has written extensively about Iranian politics and foreign policy.
Straight Arrow News analyzed the leaked files and found 107 screenshots of alleged direct messages from Zimmt’s inbox on X. The WhatsApp data is more extensive and includes not only messages but attachments such as audio files, images and videos.
SAN located sensitive items in the leak, including photographs of Zimmt’s German and Israeli passports. Zimmt did not respond to SAN’s request for comment.
One of the screenshots showed a conversation on X between Zimmt and Mohsen Behzad Karimi, a senior fellow at the European Foundation for Democracy in Brussels.
Karimi confirmed to SAN the conversation’s authenticity.
“I know Mr. Zimmt only in a professional capacity and we only exchange professional views,” Karimi said.
The announcement from Handala, a group accused by Western analysts of having direct ties to Iranian intelligence, comes less than two weeks after the hackers leaked emails from the personal Gmail inbox of FBI Director Kash Patel.
The hacker group also carried out a crippling cyberattack against the U.S.-based medical equipment company Stryker last month. Its activity has increased since the U.S. and Israel began conducting airstrikes against Iran at the end of February.
Before releasing Patel’s emails, which spanned from 2011 to 2022, the FBI had offered a $10 million reward for information on the group. Despite the bounty and repeated takedowns of Handala’s websites by U.S. authorities, the group remains active online.
The alleged hack of Zinnt’s messages follows the breach of his email by Handala last month. The hackers followed up by releasing emails allegedly belonging to Tamir Hayman, the executive director of the INSS. Hayman previously served as the chief of the Israeli Defense Force’s Intelligence Directorate between 2018 and 2021.
Ella Rae Greene, Editor In Chief
