The strikes, which the US and Israel are calling “preemptive strikes”, come after a period of failed talks between the countries and following mass protests in Iran earlier this year that left at least 3,117 civilians dead, according to government data.
Immediately after the first set of explosions, Iranians received a barrage of notifications on their phones. They came not from the government advising precautions, but from an apparently hacked prayer-timing app called Badesaba Calendar, which has been downloaded more than 5 million times from the Google Play Store.
Immediately after the first set of explosions, messages beginning with the phrase ‘Help has arrived’ came in rapid succession over a 30-minute period at 9:52 a.m. Tehran time. No party has claimed responsibility for the hack.
Screenshots shared with WIRED Middle East show messages urging Iranian military personnel to surrender their weapons with promises of amnesty. He also urged army personnel to join the “army of liberation” and “protect their brothers”.
“The time for revenge has come,” a notification received at 10:02 a.m. read (translated from Persian). “The repressive forces of the regime will have to pay for their cruel and merciless actions against the innocent people of Iran. Anyone who is involved in the defense and security of the Iranian nation will be granted amnesty and amnesty.”
Another message sent at 10:14 a.m. read, “For the freedom of our Iranian brothers and sisters, this is a call to all oppressive forces – lay down your arms or join the forces of liberation. Only in this way can you save your lives. For a free Iran.”
Cybersecurity analysts confirmed that BadeSabah users had received notifications at the time of the attacks, but they could not identify the source of the hack. “At this point, we don’t really know who is behind them, whether it’s Israel or other anti-government Iranian groups,” says Narges Keshavarznia, a digital rights researcher at the Mian Group, adding that no hacker group has claimed credit.
“Responsibility in cases like this is always complex, and it is still too early to draw conclusions.”
However, Moray Haber, chief security advisor at BeyondTrust, pointed out that a cyber operation of this nature would almost certainly have been planned in advance.
“Property settlement [likely] It happened some time ago, and these messages of ‘help’ were strategically timed, he claims. “This is not a smash and grab style of attack. This is nation-state versus nation-state and it is being executed with intent and precision.”
Iran retaliated on Saturday by targeting key military targets across the Middle East. Explosions were reported in Bahrain, Kuwait, the United Arab Emirates and Qatar on Saturday, including several involving missiles that were intercepted.
digital blackout, cyber war
As the war began, the Iranian public has already suffered weeks of internet blackouts and severely reduced connectivity. “The country is experiencing massive internet disruption, and internet access has been significantly reduced in many parts of the country, including Tehran,” says Keshavarznia.
According to Internet monitoring tool NetBlocks, total network traffic has fallen by 4 percent. Keshavarjania said data from the radar monitoring system of ArvanCloud, an Iran-run cloud service, indicated that many of the country’s main data centers and domestic POP sites had either lost connectivity to the international internet or were experiencing severe disruption.
Communications networks have also been disrupted, with phone lines and SMS services disrupted and severe degradation of both mobile data and fixed broadband connections. “International calls to Iran have also reportedly been affected. Even using a VPN has become extremely difficult,” she says.
<a href