What message did Handala put along with its logo in crushing cyberattack, and were laptops, phones and other devices of Stryker employees wiped out? Here's hackers complete statement

What message did Handala put along with its logo in crushing cyberattack became a key question after Iranian-linked hackers wiped devices at Stryker. Employees logging into laptops and phones saw a message from the group after destructive wiper ma...

What message did Handala put along with its logo in crushing cyberattack displayed on login screens after hackers wiped thousands of Stryker devices worldwide during a global cyberattack. Pic Credit: X/@TPObserver
What message did Handala put along with its logo in crushing cyberattack became the focus after employees at Stryker logged into wiped devices and saw a message left by hackers. The message read: “No need to learn Hebrew anymore. You won't need it for much longer.” The text appeared alongside the Handala logo on login screens of compromised systems. The cyberattack struck the global network of Stryker, a medical technology company based in Michigan in the United States. Employees reported that laptops, phones, and other connected devices were wiped after the attack. Both company equipment and some personal phones connected to the corporate network were affected.

Cybersecurity investigators believe the attack was carried out by Handala, a pro-Palestinian hacker group believed to have links to Iran. The group claimed responsibility on social media and described the attack as retaliation for military actions linked to the United States and Israel.

What message did Handala put along with its logo in crushing cyberattack?

Employees at Stryker saw the message after logging into laptops and phones that had been wiped during the cyberattack. The login screens showed the Handala logo and a statement from the hackers. The message read, “No need to learn Hebrew anymore. You won't need it for much longer.” The message appeared after the attack erased data from devices connected to the company network, showing that the hackers had taken control of the systems before wiping them.


Were laptops, phones and other devices of Stryker employees wiped out?

Reports from employees and cybersecurity investigators indicate that laptops, phones, and other devices connected to the Stryker network were wiped during the cyberattack. The attackers deployed wiper malware that erased files and data from systems linked to the company’s Microsoft Windows environment. Employees said their laptops stopped working and login screens showed the hackers’ message. In several cases, personal mobile phones were also affected if they had the company’s work profile installed. The wiping of devices prevented staff from accessing company systems, email, and internal communication tools, which halted operations across multiple locations.

Message displayed after systems were wiped

What message did Handala put along with its logo in crushing cyberattack appeared when workers tried to log into systems after the breach. According to employees, the message from the hacker group appeared on screens after the devices had already been wiped.

The hackers said they erased systems connected to the company and extracted large amounts of data. In a statement posted online, the group claimed it wiped over 200,000 systems, servers, and mobile devices and extracted 50 terabytes of data.
ADVERTISEMENT

The group also issued a warning. It said the cyber operation marked the beginning of a “new chapter of cyber warfare.” The statement claimed that Stryker offices in 79 countries were forced to shut down after the attack.

The hackers also linked the operation to a military strike in the Iranian city of Minab. The group said the attack was carried out as retaliation for the strike on a girls’ school that reportedly caused many deaths.

Global disruption hits Stryker operations

The cyberattack caused a major disruption across Stryker’s global network. The company employs more than 56,000 people across 61 countries and manufactures medical devices such as joint implants, surgical equipment, and hospital technology.

Employees across the United States, Europe, and Asia were locked out of their systems. Workers reported they could not access email, internal software, or communication tools.
ADVERTISEMENT

One of the hardest-hit locations was Cork, Ireland, where Stryker operates its largest site outside the United States. The facility employs thousands of workers and its operations were stopped after the systems went offline.

The company confirmed that its Windows environment experienced a global disruption. Stryker said it had engaged Microsoft engineers and cybersecurity specialists to investigate the incident and restore systems.
ADVERTISEMENT

Wiper malware used in the cyberattack

Cybersecurity experts believe the attack used wiper malware, a type of malicious software designed to permanently erase data from systems.

Unlike ransomware attacks that encrypt files and demand payment, wiper malware destroys files and prevents recovery. The malware can overwrite file systems or damage the master boot record so the operating system cannot start.

Several types of wiper malware have been used in geopolitical conflicts. Examples include CaddyWiper, HermeticWiper, IsaacWiper, and FoxBlade, which were used during cyberattacks linked to the conflict in Ukraine in 2022.

These attacks are designed to cause maximum disruption rather than financial gain. When successful, they can make systems inoperable and result in permanent data loss.

How wiper attacks spread and cause damage?

Wiper malware usually enters systems through phishing emails, malicious downloads, or compromised websites. Attackers may also exploit software vulnerabilities to install the malware.

Once inside a network, the malware identifies files, databases, or entire drives. It then deletes or corrupts data. Attackers often use privilege escalation to gain deeper access to systems.

The goal is to destroy as much data as possible and stop normal operations. This can cause financial loss, operational shutdown, and damage to company reputation.

Experts say the best defense against such attacks includes offline backups, strong network monitoring, endpoint security tools, and regular software updates.

Wider cyber conflict concerns

The attack on Stryker highlights the role of cyber operations in global political conflicts. Experts say cyber groups linked to governments or political causes often target companies connected to strategic sectors.

Handala emerged around 2022 and has previously claimed cyberattacks on companies in Israel and the Gulf region. Investigators say such groups often operate in the space between state-backed operations and independent hacktivism.

The Stryker incident shows how cyberattacks can disrupt global supply chains without physical attacks. Analysts say recovery from a major wiper attack may take weeks or months because systems must be rebuilt from backups or clean installations.

FAQs


Q1. What message did Handala put along with its logo in crushing cyberattack?
What message did Handala put along with its logo in crushing cyberattack was: “No need to learn Hebrew anymore. You won't need it for much longer,” which appeared on login screens after systems were wiped.

Q2. What is wiper malware used in the Stryker cyberattack?
Wiper malware is malicious software that deletes or corrupts files permanently. Unlike ransomware, it does not allow recovery of data and aims to destroy systems and disrupt operations completely.
Download
The Economic Times Business News App
for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App
for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
READ MORE
ADVERTISEMENT

READ MORE:

LOGIN & CLAIM

50 TIMESPOINTS

More from our Partners

Loading next story
Business News › News › International › US News › What message did Handala put along with its logo in crushing cyberattack, and were laptops, phones and other devices of Stryker employees wiped out? Here's hackers complete statement
Text Size:AAA
Success
This article has been saved

*

+