The FBI seized two websites affiliated with Iran-linked hacktivists known as Handala, TechCrunch reported on March 19. The first website was used to publicize the group's hacks, and the other was used to dox individuals with ties to the Israeli military and defense contractors.

On March 11, Handala claimed responsibility for a cyberattack that reportedly crippled medical giant Stryker Corp.'s global operations and represented the first major Iranian cyberattack in retaliation for joint U.S.-Israeli strikes on the country. Handala likely carried out the hack by using info-stealing malware to obtain administrative credentials to the company's Microsoft Intune systems, which Handala then used to issue a command to wipe data from tens of thousands of devices. The group has also been documented deploying data-wiper malware, which would permanently corrupt or erase systems with no option for recourse and likely result in lengthy downtime. As of March 19, Stryker is still working to restore its computers and internal network, though it says it has contained the breach.
