Spacecom, the Israeli operator of the AMOS satellite fleet, has been listed on the dark web blog of pro-Palestinian hacker group Handala. The attackers allege they accessed the company’s ground control stations and exfiltrated 379GB of data, including contracts, satellite logs, and employee details.
Researchers, however, cast doubt on these claims. Cybersecurity experts say the evidence mainly consists of RINEX observation and navigation files, along with NDA agreements between Spacecom and its clients.
“The evidence that they indeed have some highly confidential data or sensitive systems that can control the company’s satellites is not that convincing,” researchers said.
Data Analysis and Potential Risks
Handala claims the stolen data includes ground station logs across multiple countries and personnel records. While researchers noted the information could be used in social engineering attacks, it did not include highly sensitive or classified satellite control files.
Spacecom, which generates about $100 million in annual revenue, operates AMOS satellites providing civilian and military communications across the Middle East, EU, and other regions. Researchers warned that, despite doubts about the extent of the compromise, any exploited vulnerabilities should be addressed immediately.
The Handala group, a pro-Tehran hacktivist collective, has consistently targeted Israeli and Western organizations. Earlier this year, the group claimed responsibility for breaching Iran International, a rare independent media outlet in Iran.
Broader Hacktivist Landscape
The attack on Spacecom reflects a growing pattern of politically motivated cyber campaigns targeting critical infrastructure. Groups like Handala combine hacktivist motives with data-leak strategies used by ransomware gangs, leveraging dark web blogs to maximize political impact.
Experts warn that such activity increases reputational risks, creates new social engineering vectors, and could erode confidence in critical communications providers even if technical compromise is unproven.
