Handala claim to have released 10gb of customer data for AGAS.
It does appear AGAS has a security incident going on. AGAS declined to comment when asked.
Handala claim to have hacked and wiped 74 servers at AGAS - https://www.agas.co.il - an Israeli MSP, MSSP and cloud reseller.
I’m not sure the size of the org stacks up with Handala’s claim. Also, 74 servers is not a lot.
I’ve reached out to AGAS to see if they want to comment.
Handala claim they are doing an “ultra big wipe”
Handala have deleted their previous message and replaced it with this.
Obviously, Handala are awake.
Handala claim they used a MaxShop SMS account to send 5 million messages. Their screenshot and my translated version below.
Handala’s latest dump is of a podcasting platform called Doscast. Email addresses and encrypted passwords.
Handala's latest is a dump allegedly of Ron Prosor's emails, who they originally mentioned 8 days ago. Ron is the Ambassador of Israel to Germany. Telegram post includes death threats.
50k emails, again looks like a personal email account. #threatintel #handala
Edit: I broke the thread on this, the prior ones are at
Handala are now upset with Yair Golan, in particular highlighting his comments about a possible attack on Iran.
Contains the usual, a picture dump - so far no email dump. #handala #threatintel
Edit: I broke the thread, the continuing toots are at
Silver Shadow’s website is back online. Makes no reference to what happened.
MaxShop’s website is back online. Contains no reference to what happened.
Silver Shadow’s website has gone offline, displaying a WordPress error page.
Handala have done a defacement of Silver Shadow, a small exporter of licensed firearms.
MaxShop’s website has changed to a Plesk default site.
Handala have posted 300gb of what they claim is IBB - Israel Industrial Batteries - internal data.
Previously they claimed they had access, but hadn’t provided proof.
MaxShop’s website is still offline.
Handala claim to have done a hack and wipe of MaxShop, a point of sale vendor in Israel.
I have confirmed their website was defaced and has been taken offline.
The Handala claim of hacking Shin Bet mobiles via a supply chain hack does not appear to stack up.
They appear to have used material from NativCell, who provide internet filtering and management for Haredim (strictly Orthodox).
It’s part of a pattern with Handala where they take some access and spin it to mean something it doesn’t.
In the screenshots as evidence, one shows a phone screenshot using Maps - at a Kosher bar in Hackney in London.
Additionally, the screenshot of the list of devices almost all have ‘test’ in the device name.
Handala claims to have performed a supply chain attack on Shin Bet, the Israel Security Agency, they say allowing them to install software on managed mobile phones.
The photos provided appear to show access to some kind of Mobile Device Management platform. They also provided a data dump.
Handala have posted an Iranian propaganda video, with “Great News For Shin Bet On The Way”
Crap web defacement of Haderi Haredim sites
Handala are saying they’ve sent 1 million messages, whatever that means. Anybody in Israel got any strange texts?
Israel PM office has acknowledged they are dealing with an incident at Soreq referenced above, but no safety impact.
Today Handala have a dump of 110k emails from/to former Israel PM. Emails are again collected from a personal email account.