The pro-Israeli hacktivist group Predatory Sparrow, or Gonjeshke Darande, has claimed a flashy cyberattack. Their advocacy and actions ultimately resulted in the shutdown of Iran’s Bank Sepah. This incident has led to widespread banking disruptions across the country, highlighting the ongoing tensions between Israel and Iran, particularly in the realm of cyber warfare.
The attack occurred as relations between the two countries reached a breaking point. Israel had recently launched direct strikes against Iranian nuclear energy facilities and military sites, further inflaming the conflict. The task force has been going after Iranian companies and organizations for years, claiming their participation in the greater geopolitical fight.
Journalist Aerie Oseran, an i24NEWS correspondent, reporting on the day of the cyberattack. She tweeted haunting photos of ATMs across Iran displaying “out of service” messages. Today’s incident further highlights the devastating consequences of this attack on routine banking activities throughout the nation.
Predatory Sparrow claimed responsibility for their attacks, referring to themselves as ‘Gonjeshke Darande.’ Their actions culminated in the criminal erasure of data pertaining to the IBRG’s ‘Bank Sepah’. This claim is consistent with their track record of past attacks that have targeted Iran’s critical infrastructure.
Rob Joyce once ran the National Security Agency’s hacking operations and then went on to advise the Biden administration on cybersecurity. He further noted that “Past cyber attacks by Predatory Sparrow on Iranian steel mills and gas stations have showed real-world impact inside Iran.” This simple note speaks volumes to the success of the Pavilion’s internal process on reaching their overarching goals.
John Hultquist, who is chief analyst at Google’s Mandiant, provided insightful commentary on the situation, emphasizing that in spite of this actor’s bluster and arrogance, “this actor is not all bluster.” His observation is a useful reminder that Predatory Sparrow’s actions are measured and extremely impactful within the larger lens of cyber warfare.
Techmeme’s Lorenzo Franceschi-Bicchierai is one of the keenest observers of this story. He serves as Senior Writer for TechCrunch, focusing on hacking, cybersecurity, surveillance and privacy. You can contact him encrypted on Signal at +1 917 257 1382. Or, ring him on Keybase or Telegram at @lorenzofb, or email lorenzo@techcrunch.com.