Main points
- A popular Iranian prayer app has been hacked, presumably by Israel or the US.
- Hackers sent anti-government notifications to 5 million users, synchronizing with physical attacks on Iranian territory.
/ Collage 24 Channel/Freepik
The escalation of the conflict in the Middle East has entered a new phase, where smartphones have become tools of psychological influence. While military targets have been targeted, millions of civilian users have witnessed an unprecedented disruption of their usual mobile services. The scale of this operation demonstrates careful preparation and deep penetration into Iran's digital infrastructure.
How did an ordinary calendar turn into a tool of state destabilization?
The popular Iranian prayer and planning app BadeSaba Calendar, which has over 5 million downloads on Google Play, has become the epicenter of a large-scale cyber operation. On Saturday morning, at exactly 9:52 a.m. Tehran time, users instead of the usual religious notifications received calls for the overthrow of the government. This began at the very moment when reports of US and Israeli strikes on Iranian territory appeared, writes Cyber Press.
The content of the announcements was aimed at demoralizing the army. The texts stated that aid had already arrived and called on servicemen to lay down their arms in exchange for amnesty.
Cybersecurity experts say the push notification hack was carefully planned in advance. The attackers likely gained access to the app's backend by compromising the supply chain or stealing administrator credentials.
According to estimates, the preparation for such an operation could have lasted several weeks, and the activation took place synchronously with physical attacks on Iranian facilities.
What was unique about this attack was that it was not accompanied by the distribution of malware. It was an information and psychological operation aimed directly at citizens' devices. The settings of the Android notification system allowed these messages to bypass even the “Do Not Disturb” mode, which made the attack even more noticeable and aggressive.
This didn't end there.
The impact of the cyber incident was not limited to the mobile app. Data from monitoring services such as NetBlocks recorded a critical drop in internet connectivity in Iran to 4 percent of normal. National data centers lost access to the global network, which led to the shutdown of mobile internet, broadband networks and blocking bypass services.
State media outlets, including IRNA and ISNA, have also been attacked – their pages have been hacked or subjected to DDoS attacks, resulting in anti-government slogans appearing on them for a short time.
Who is behind the cyberattack?
Experts emphasize that such high precision and synchronism of actions indicates the participation of state structures in the operation. Although no one has claimed responsibility yet, it is obvious that the United States or Israel are behind this.