Cyber Sabotage or Smokescreen? The 200,000-Message Standoff Shakes Bennett and Beyond

In the shadowy world of cyber extortion, few spectacles are as public - and as personal - as the latest digital broadside fired at former Israeli Prime Minister Naftali Bennett. While Bennett appears on video insisting his phone remains uncompromised, a hacking collective known as Handala has unleashed a taunting manifesto, claiming to have detonated a “200,000 message bombshell.” Their message: the game is over, and denial is futile.

Fast Facts

• Handala claims to have breached Naftali Bennett’s phone, boasting access to 200,000 messages.
• Bennett publicly denies any compromise, dismissing the reports as fake.
• Two new ransomware attacks were reported on December 18, 2025, targeting d*v***.cl (Devman group) and dgpcommercialisti.it (Ms13089 group).
• Ransomware.live indexes these incidents but does not host or distribute stolen data.
• The public nature of these claims is fueling debate over digital security - and political posturing.

The cyberattack saga began with Handala’s public declaration: they have compromised Bennett’s device and are in possession of a trove of 200,000 messages. The group’s mocking tone and direct address to Bennett - ridiculing his confidence and “desperate” denial - are classic psychological tactics, intended to erode trust and sow confusion.

Yet, the technical proof of such a breach remains elusive. No screenshots, data samples, or technical details have been provided to substantiate Handala’s claims. In the high-stakes theater of hack-and-leak operations, however, perception can be as damaging as reality. Even without hard evidence, the mere allegation is enough to spark frenzied speculation, political mudslinging, and a public relations headache for the target.

Handala’s move comes amid a surge of ransomware attacks recorded by cyber intelligence trackers. On the same day as their Bennett proclamation, two fresh victims - Chilean entity d*v***.cl (hit by the Devman group) and Italian firm dgpcommercialisti.it (struck by Ms13089) - appeared in ransomware leak listings. While the operators behind these attacks remain in the shadows, their playbook is familiar: exfiltrate sensitive data, threaten exposure, and demand ransom. The ransomware.live platform, which tracks such incidents, is careful to note it does not touch or distribute any stolen data, underscoring the legal and ethical quagmire of reporting in this space.

Cyber extortionists thrive on ambiguity and spectacle. By targeting public figures and businesses alike, they force a reckoning with digital trust. For Bennett, the fallout - whether real or manufactured - raises questions about the vulnerabilities of leaders in an era where a single compromised device can upend careers and national security. For the rest of us, it’s a chilling reminder: in the digital underworld, truth is often the first casualty.

Conclusion

As the dust settles on the latest high-profile cyber skirmish, the line between fact and fiction blurs ever further. Whether Handala’s claims are a masterstroke of psychological warfare or a genuine exposé, one thing is clear: in the game of digital cat and mouse, perception is power - and nobody is truly untouchable.

WIKICROOK

• Ransomware: Ransomware is malicious software that encrypts or locks data, demanding payment from victims to restore access to their files or systems.
• Leak Site: A leak site is a website where cybercriminals post or threaten to post stolen data to pressure victims into paying a ransom.
• Hack: A hack is an unauthorized access to computer systems or networks, often to steal data, disrupt services, or exploit vulnerabilities.
• Exfiltration: Exfiltration is the unauthorized transfer of sensitive data from a victim’s network to an external system controlled by attackers.
• Psychological Tactics: Psychological tactics are manipulative methods hackers use to intimidate, discredit, or coerce targets, often by exploiting emotions like fear or embarrassment.