While missiles and bombs have flown between Israel and Iran since the large-scale attack launched by Israel on Friday, June 13, the conflict has also extended into cyberspace. On Tuesday, June 17, the group Gonjeshke Darande (“Predatory Sparrow” in Farsi) claimed responsibility for a cyberattack against Sepah Bank, one of the country’s largest financial institutions. 24 hours later, on its Telegram channel, the group announced it had targeted Nobitex, the main cryptocurrency exchange platform in Iran, which Gonjeshke Darande described as “a key tool for the regime to finance terrorism and circumvent sanctions.”
While the group reportedly stole and made disappear as much as $90 million from Nobitex, the full impact of the attack on Sepah Bank has not been completely confirmed. However, the claim is credible, as Gonjeshke Darande has already demonstrated its ability to damage Iranian interests.
Although some of its malicious software had been used as early as 2019 against Iranian interests in Syria, the group emerged publicly in summer 2021, when it claimed responsibility for two major operations. The first such operation targeted the Iranian railways, delaying trains and disrupting station activity; the hackers even altered information screens to display the phone number of the office of Supreme Leader Ali Khamenei. The following day, the website of the Ministry of Transport was hit by another cyberattack. “Our goal with this attack was to express our disgust at the abuses and cruelty inflicted by the government on the Iranian nation,” the group wrote on its Telegram channel at the time.
You have 69.01% of this article left to read. The rest is for subscribers only.
