An Iranian government-backed hacker group called Handala announced Friday that it had compromised FBI Director Kash Patel’s personal email account.
In a post on its website, Handala included several photos of Patel looking noticeably younger and a link to a cache of files that appeared to be sent from Patel’s personal Gmail account.
By examining information contained in message headers, TechCrunch confirmed that at least some of the emails leaked by Handala came from Patel’s alleged Gmail account. These message headers contain information from the sender that helps email delivery systems verify that the email is genuine and not spoofed.
We used our tools to verify multiple emails in the leaked cache of files sent by Mr. Patel from his Gmail account. These emails contain cryptographic signatures that match the messages, which strongly suggests that the emails we checked are genuine. In some cases, Patel appears to have sent emails from his former Justice Department email address to his Gmail account in 2014. TechCrunch found that emails sent from Patel’s Justice Department account also appear to be genuine.
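The kind of header check described above, as an added example that is not TechCrunch's tooling: it assumes the signatures in question are DKIM signatures (RFC 6376), which the article does not name, and recomputes the signed body hash (`bh=`) of a saved message. The sample message, `example.com` and the selector `sel1` are constructed for illustration.

```python
import base64
import hashlib
import re

def parse_tags(value):
    """Split a DKIM-Signature value into tag=value pairs; whitespace in values is not significant."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def canonicalize_body(body, mode):
    """RFC 6376 section 3.4 body canonicalization ("simple" or "relaxed")."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")  # tolerate files saved with bare LF
    if mode == "relaxed":
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()  # trailing empty lines are never hashed
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def check_body_hash(raw):
    """Recompute the body hash and compare it with bh= of the first DKIM-Signature header."""
    head, _, body = raw.replace(b"\r\n", b"\n").partition(b"\n\n")
    unfolded = re.sub(rb"\n[ \t]+", b" ", head).decode("ascii", "replace")
    m = re.search(r"^DKIM-Signature:(.*)$", unfolded, re.I | re.M)
    if m is None:
        return None  # unsigned message: nothing to check
    tags = parse_tags(m.group(1))
    mode = tags.get("c", "simple/simple").partition("/")[2] or "simple"
    canon = canonicalize_body(body, mode)
    if "l" in tags:
        canon = canon[: int(tags["l"])]  # bytes past l= are not covered by the signature
    algo = hashlib.sha1 if tags.get("a", "").endswith("sha1") else hashlib.sha256
    ok = base64.b64encode(algo(canon).digest()).decode() == tags.get("bh")
    return {"domain": tags.get("d"), "selector": tags.get("s"), "body_hash_ok": ok}

def constructed_sample(body=b"Meeting moved to 3pm.\r\nRegards\r\n"):
    """Constructed message (not from the leak); bh= is computed here, b= is a placeholder."""
    bh = base64.b64encode(hashlib.sha256(canonicalize_body(body, "relaxed")).digest()).decode()
    sig = ("DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com;\r\n"
           "\ts=sel1; h=from:to:subject; bh=" + bh + "; b=PLACEHOLDER\r\n")
    return (sig + "From: a@example.com\r\nSubject: test\r\n\r\n").encode() + body
```

A matching body hash shows only that the body is the one that was signed. Confirming the sender also requires verifying the `b=` signature over the listed headers against the public key published in DNS at `<selector>._domainkey.<domain>`, which this offline sketch does not do.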
The files in the leaked cache appear to date back to around 2019.
The FBI and Justice Department did not respond to requests for comment.
Reuters, which first reported the email leak, said a Justice Department official confirmed the leak.
Do you have more information about this alleged violation by Kash Patel? You can contact Lorenzo Franceschi-Bicchierai securely from a non-work device on Signal (+1 917 257 1382) or on Telegram, Keybase and Wire @lorenzofb, or email.
TechCrunch reported that the hacker sent a message to Patel’s revealed Gmail email address asking for confirmation, as well as a text message to the cell phone number listed on the resume purportedly belonging to Patel. There was no immediate response.
Since the US-Israel war against Iran began in February, Iran-linked Handala has stepped up its hacking efforts, most notably claiming responsibility for a devastating attack on medical technology giant Stryker that wiped tens of thousands of its employees’ devices. The hackers also released the personal information of several people believed to be members of the Israel Defense Forces and local defense contractors.
After the Stryker hack, the FBI seized several Handala websites, which were quickly brought back online under new domains. U.S. prosecutors have formally accused Iran’s Ministry of Intelligence and Security (MOIS) of running the Handala group.
The hackers did not respond to TechCrunch’s requests for comment sent to a chat account published by the hackers on their website and an email address owned by the group published by the Department of Justice.
Revised fourth paragraph to note that the email was sent from Patel’s Justice Department email address, not his FBI email address. ZW.
