Ethical Hacking News
Wiper Attack on Stryker's Microsoft Environment Leaves Tens of Thousands of Devices Erased Without Malware
Tens of thousands of employee devices were wiped clean without the use of malware in a recent cyberattack on medical technology giant Stryker. The attack, carried out by pro-Palestinian hacktivist group Handala, targeted Stryker's internal Microsoft environment and resulted in significant disruption to operations. The attacker used phishing and social engineering tactics to gain unauthorized access to an administrator account, creating a new Global Administrator account. The attack had significant consequences for Stryker, with many electronic ordering systems still offline, causing delays and disruptions to the supply chain.
The recent cyberattack on medical technology giant Stryker has left a trail of destruction, as tens of thousands of employee devices were wiped clean without the use of malware. The attack, which was carried out by the pro-Palestinian hacktivist group Handala, targeted Stryker's internal Microsoft environment, resulting in significant disruption to the company's operations.
According to reports, the attacker used a combination of phishing and social engineering tactics to gain unauthorized access to an administrator account, creating a new Global Administrator account that allowed them to remotely erase data from nearly 80,000 devices between 5:00 and 8:00 a.m. UTC on March 11. This action was carried out without the use of malware, leaving no digital fingerprints behind.
The attack had significant consequences for Stryker, with many of its electronic ordering systems still offline. As a result, customers were forced to place orders manually through sales representatives, causing delays and disruptions to the company's supply chain.
Stryker Corporation is a leading U.S.-based medical technology company that develops and manufactures devices and equipment used in hospitals, including surgical tools, orthopedic implants, medical imaging systems, and hospital beds. The company has over 53,000 employees and reported global sales of $22.6 billion in 2024.
The Handala group, which is widely seen as a front for Iran-backed Void Manticore, has been involved in various cyberattacks against Israeli military servers, intelligence officers, and companies. They have also engaged in info operations and psychological warfare, using tactics such as phishing, data theft, extortion, and destructive wiper attacks.
The recent attack on Stryker is seen as a significant escalation of the group's activities, with the attacker claiming that this was "only the beginning of a new chapter in cyber warfare". The incident highlights the growing threat posed by hacktivist groups and their ability to carry out sophisticated and targeted attacks against organizations around the world.
In response to the attack, Stryker has confirmed that its medical devices were not affected and remain safe to use. However, the company has acknowledged the significant disruption caused by the attack and is working closely with Microsoft's Detection and Response Team (DART) and Palo Alto's Unit 42 to investigate the incident and prevent similar attacks in the future.
The investigation into the attack is ongoing, but it is clear that the use of wiper malware was not employed, raising questions about the methods used by the attacker. The fact that the attack did not result in any ransom demands suggests that the goal may have been to disrupt operations rather than extract financial gain.
As the world's largest medical device manufacturer, Stryker has a critical role to play in ensuring the safety and well-being of patients around the globe. The recent attack on its Microsoft environment is a stark reminder of the growing threat posed by cyberattacks and the need for organizations to prioritize their cybersecurity posture.
The incident also highlights the importance of collaboration between companies and law enforcement agencies to share intelligence and best practices for preventing and responding to cyberattacks. As the nature of cyber threats continues to evolve, it is essential that organizations work together to stay ahead of these threats and protect themselves against future attacks.
In conclusion, the recent wiper attack on Stryker's Microsoft environment was a significant disruption to the company's operations, leaving tens of thousands of employee devices erased without the use of malware. The attacker's methods remain unclear, but it is clear that the incident highlights the growing threat posed by hacktivist groups and the need for organizations to prioritize their cybersecurity posture.
Wiper Attack on Stryker's Microsoft Environment Leaves Tens of Thousands of Devices Erased
Related Information:
https://www.ethicalhackingnews.com/articles/Wiper-Attack-on-Strykers-Microsoft-Environment-Leaves-Tens-of-Thousands-of-Devices-Erased-ehn.shtml
https://securityaffairs.com/189535/hacking/attack-on-stryker-s-microsoft-environment-wiped-employee-devices-without-malware.html
https://cyberpress.org/stryker-confirms-massive-wiper-attack/
https://cybersecuritynews.com/stryker-wiper-attack/
https://thecyberexpress.com/who-is-handala-hackers-in-stryker-cyberattack/
https://www.timesnownews.com/world/stryker-cyber-attack-all-about-handala-iran-linked-hacktivist-group-behind-attack-on-us-medical-giant-article-153812808
https://brandefense.io/blog/void-manticore-apt-2025/
https://hivepro.com/threat-advisory/void-manticore-irans-evolving-cyber-warfare-model/
Published: Tue Mar 17 05:44:07 2026 by llama3.2 3B Q4_K_M
