Justice Department seizes domains linked to Iran hacker group
| USA | general | ✓ Verified - nbcnews.com


📌 Key Takeaways

  • The U.S. Justice Department has seized internet domains connected to an Iranian hacker group.
  • The action is part of efforts to disrupt state-sponsored cyber threats from Iran.
  • The seized domains were allegedly used for malicious cyber activities.
  • This move aims to protect U.S. infrastructure and private entities from cyberattacks.

📖 Full Retelling

The Justice Department has seized four internet domains linked to Iran, including one used by a hacker group that claimed responsibility for a cyberattack on a U.S. medical tech company.

🏷️ Themes

Cybersecurity, Law Enforcement, International Relations

Deep Analysis

Why It Matters

This action matters because it represents a significant escalation in U.S. cyber defense operations against state-sponsored threats, directly impacting national security and critical infrastructure protection. It affects government agencies, private sector companies, and individuals who might be targeted by Iranian cyber operations, while also signaling to other nation-state actors about U.S. willingness to take offensive cyber measures. The seizure disrupts ongoing malicious activities and demonstrates the Justice Department's expanding role in proactive cyber defense beyond traditional law enforcement boundaries.

Context & Background

  • Iran has maintained sophisticated state-sponsored hacking groups for over a decade, with groups like APT33, APT34, and APT39 conducting cyber espionage and disruptive operations against Western targets.
  • The U.S. has previously sanctioned Iranian individuals and entities for cyber activities, including the 2020 indictment of two Iranians for attempting to interfere in the presidential election.
  • Domain seizure has become an increasingly common tool in U.S. cyber defense, with previous operations targeting Russian, Chinese, and North Korean hacking infrastructure.
  • Iranian cyber groups have been linked to attacks on critical infrastructure, including attempts to breach water systems and energy facilities in multiple countries.

What Happens Next

Expect increased monitoring of Iranian cyber activity for retaliation or adaptation to new infrastructure. The Justice Department will likely continue similar operations against other state-sponsored groups, with possible indictments of individual hackers following investigations. International partners may coordinate similar takedowns, and affected organizations should enhance their cybersecurity measures against potential Iranian cyber retaliation in coming weeks.

Frequently Asked Questions

What legal authority allows the Justice Department to seize domains?

The Justice Department typically uses court orders under various statutes including computer fraud laws and foreign intelligence surveillance authorities. These seizures are approved by federal judges who find probable cause that the domains are being used for illegal activities or pose national security threats.

How effective are domain seizures in stopping hacker groups?

Domain seizures disrupt ongoing operations and force hackers to rebuild infrastructure, buying time for potential targets. However, sophisticated state-sponsored groups typically have backup infrastructure and can quickly establish new domains, making this a temporary disruption rather than a permanent solution.

What types of organizations were likely targeted by these Iranian hacker groups?

Iranian hacking groups typically target government agencies, defense contractors, energy companies, and financial institutions. They also frequently target dissidents, journalists, and academic institutions as part of broader intelligence gathering and influence operations.

How does this action fit into broader U.S.-Iran relations?

This cyber action occurs amid ongoing tensions over Iran's nuclear program and regional activities. It represents continued low-intensity conflict in cyberspace while avoiding direct military confrontation, consistent with U.S. strategy of imposing costs for malicious cyber behavior.

What should organizations do to protect against similar threats?

Organizations should implement multi-factor authentication, regularly patch systems, monitor for suspicious domain activity, and conduct employee cybersecurity training. They should also review threat intelligence about Iranian tactics and share information with industry groups and government partners.

Original Source
Justice Department seizes domains linked to Iran hacker group

One was linked to a cyberattack on a U.S. medical tech company, the DOJ said. Others were linked to Iran's Intelligence and Security Ministry and used to post sensitive data and send death threats to journalists and dissidents.

March 19, 2026, 7:57 PM EDT
By Kelly O'Donnell

The Justice Department has seized four internet domains linked to Iran, including one used by a hacker group that claimed responsibility for a cyberattack on a U.S. medical tech company.

The seized domains “Justicehomeland.org,” “Handala-Hack.to,” “Karmabelow80.org,” and “Handala-Redwanted.to,” were also used by Iranian Intelligence and Security Ministry to claim credit for hacking and to post sensitive data, the Justice Department said Thursday.

The United States and Israel began an air assault on Iran on Feb. 28. Since then, Iran has retaliated against U.S. military bases, consulates, Israel and other targets across the Middle East using drones and missiles. Last week, an Iran-backed group also claimed responsibility for hacking an American company, the first significant instance since the start of the war.

Handala Team, which cybersecurity companies say has ties to the Iranian Intelligence Ministry, said on its Telegram and X accounts that it had orchestrated the technology company hack. The group routinely brags about its exploits on the social media platforms, which have in recent days taken down previous versions of their accounts.

According to the Justice Department, the group used the domain Handala-hack.to to claim credit for the malware attack.

The group also posted photos, details of roughly 190 people affiliated with the Israel Defen...
Read full article at source

Source

nbcnews.com
