Pro-Israel hacktivist group claims reponsibility for alleged Iranian bank hack

On Tuesday, the hacktivist group known as Predatory Sparrow, or Gonjeshke Darande in Persian, announced that it had successfully breached and disabled Iran's Bank Sepah. The group took to social media platform X to declare their actions, stating, "We, 'Gonjeshke Darande,' executed cyberattacks that obliterated the data belonging to the Islamic Revolutionary Guard Corps’ ‘Bank Sepah.’" Predatory Sparrow accused Bank Sepah of evading international sanctions and using Iranian citizens' funds to support the regime's terrorist operations, missile initiatives, and nuclear military ambitions. Reports from the independent news outlet Iran International highlighted significant disruptions in banking services across Iran, with multiple Bank Sepah branches reported closed and customers unable to access their accounts. Aerie Oseran, a correspondent for i24NEWS, shared images of ATMs in Iran displaying error messages, indicating widespread issues within the banking system. However, attempts to independently confirm the claims of the cyberattack by TechCrunch were unsuccessful. Messages sent to Bank Sepah’s Iranian email addresses bounced back, and affiliates based in the U.K. and Italy did not respond to inquiries. The timing of this alleged breach coincides with escalating military tensions between Israel and Iran, which intensified following Israel's targeted strikes on Iranian nuclear facilities and military sites last Friday. The true identity and motives of Predatory Sparrow remain uncertain. The group presents itself as a pro-Israel entity, having been involved in various cyber operations against Iranian targets for several years. Cybersecurity experts have noted that Predatory Sparrow has demonstrated effective capabilities in the past. John Hultquist, chief analyst at Google’s Mandiant, remarked on the group's credibility, asserting, "Despite appearances, this actor is not all bluster." Rob Joyce, a former NSA official, also acknowledged the tangible impacts of Predatory Sparrow’s previous cyberattacks, which have included significant incidents at Iranian steel plants and gas stations, leading to substantial disruptions.