BrianKrebs @briankrebs@infosec.exchange
Public

Breaking, new, by me: Iran-backed Hackers Claim Wiper Attack on Medtech Firm Stryker

A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.

From the story:

"Wiper attacks usually involve malicious software designed to overwrite any existing data on infected devices. But a trusted source with knowledge of the attack who spoke on condition of anonymity told KrebsOnSecurity the perpetrators in this case appear to have used a Microsoft service called Microsoft Intune to issue a ‘remote wipe’ command against all connected devices."

"Intune is a cloud-based solution built for IT teams to enforce security and data compliance policies, and it provides a single, web-based administrative console to monitor and control devices regardless of location. The Intune connection is supported by this Reddit discussion on the Stryker outage, where several users who claimed to be Stryker employees said they were told to uninstall Intune urgently."

krebsonsecurity.com/2026/03/ir

A manifesto from the Handala hacking group, which security firms link to Iranian intelligence agencies. Stryker Corporation Hacked 2026-03-11 We announce to the world that, in retaliation for the brutal attack on the Minab school and in response to ongoing cyber assaults against the infrastructure of the Axis of Resistance, our major cyber operation has been executed with complete success. The Zionist-rooted corporation, Stryker, one of the key arms of the global Zionist lobby and a central ring in the ‘New Epstein’ chain, has been struck with an unprecedented blow. In this operation, over 200,000 systems, servers, and mobile devices have been wiped and 50 terabytes of critical data have been extracted. Stryker’s offices in 79 countries have been forced to shut down. All the acquired data is now in the hands of the free people of the world, ready to be used for the true advancement of humanity and the exposure of injustice and corruption. A clear warning to all Zionist leaders and their lobbies who hide behind concrete walls and closed windows: The era of the ‘Epstein’ rings and the demons of our time is over. ‘Nimrod of this era,’ even if you close your windows, we will build our nests everywhere. Get ready for the mosquito...
0
3
0

If you have a fediverse account, you can quote this note from your own instance. Search https://infosec.exchange/users/briankrebs/statuses/116211468548137252 on your instance and quote it. (Note that quoting is not supported in Mastodon.)