عربي English Türkçe اردو فارسى
Logo
Latest News
World

Iran Pays Millions in Ransom to End Cyberattack on Banks

Iranians at a bank branch in Tehran (IRNA)
Iranians at a bank branch in Tehran (IRNA)
TT
TT

Iran Pays Millions in Ransom to End Cyberattack on Banks

Iranians at a bank branch in Tehran (IRNA)
Iranians at a bank branch in Tehran (IRNA)

A massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the country's regime to agree to a ransom deal of millions of dollars, POLITICO reported on Thursday.

The newspaper said an Iranian firm paid at least $3 million in ransom last month to stop an anonymous group of hackers from releasing individual account data from as many as 20 domestic banks in what appears to be the worst cyberattack the country has seen, quoting industry analysts and western officials briefed on the matter.

A group known as IRLeaks, which has a history of hacking Iranian companies, was likely behind the breach, the officials said.

The hackers are said to have initially threatened to sell the data they collected, which included the personal account and credit card data of millions of Iranians, on the dark web unless they received $10 million in cryptocurrency, but later settled on a smaller sum.

Iran’s authoritarian regime pushed for a deal, fearing that word of the data theft would destabilize the country’s already-wobbly financial system, which is under intense strain amid the international sanctions the country faces, the officials said.

Iran never acknowledged the mid-August breach, which forced banks to shut down cash machines across the country.

IRleaks entered the banks’ servers via a company called Tosan, which provides data and other digital services to Iran’s financial sector, the officials said.

Using Tosan, the hackers appear to have siphoned data from both private banks and Iran’s central bank. Of Iran’s 29 active credit institutions, as many as 20 were hit, including the Bank of Industry and Mines and the Post Bank of Iran.

Though the attack was reported at the time by Iran International, an opposition news outlet, neither the suspected hackers nor the ransom demands were disclosed.

Iran’s supreme leader delivered a cryptic message in the wake of the attack, blaming the US and Israel for “spreading fear among our people,” without acknowledging the country’s banks were under assault.

Despite the growing tensions between Iran and both the US and Israel, people familiar with the Iranian banking hack told POLITICO that IRLeaks is affiliated with neither the US nor Israel.

Most Viewed

 
 
World

Netanyahu Prepares Grounds to Dismiss Chief of Staff

Netanyahu with dismissed Defense Minister Yoav Gallant and Chief of Staff Herzi Halevi in October 2023 (dpa)
Netanyahu with dismissed Defense Minister Yoav Gallant and Chief of Staff Herzi Halevi in October 2023 (dpa)
TT
TT

Netanyahu Prepares Grounds to Dismiss Chief of Staff

Netanyahu with dismissed Defense Minister Yoav Gallant and Chief of Staff Herzi Halevi in October 2023 (dpa)
Netanyahu with dismissed Defense Minister Yoav Gallant and Chief of Staff Herzi Halevi in October 2023 (dpa)

After the successful ousting of his defense minister, Yoav Gallant, Israeli Prime Minister Benjamin Netanyahu is preparing the grounds to dismiss Army chief of staff, Herzi Halevi, reports in Tel Aviv revealed.
The PM’s intentions were visible through a series of preliminary measures. In a nine-minute video statement posted to social media on Saturday, Netanyahu claimed the ongoing investigation into the alleged theft and leak of classified documents, including by his aides, aimed at harming him and “an entire political camp.”
He then asserted that vital classified documents weren’t reaching him. “I am the prime minister. I need to receive important classified documents, and indeed sometimes important information doesn’t reach me.”
Netanyahu then defended his former spokesman Eli Feldstein, who is accused of leaking a classified document in a bid to sway public opinion against a truce-hostage deal in Gaza.
Last Thursday, Feldstein was charged with transferring classified information with the intent to harm the state.
The PM considered accusations against his spokesman as a “witch hunt” against his aides and Israelis who support him.
For the past 14 years, the Israeli right had run a large-scale incitement campaign against the security services. But in the last year, this camp increased its attack, particularly against the Chief of Staff, Halevi, who believes it is necessary to stop the war and ink a deal with Hamas.
The right-wing “Mida” website published a report entitled “Herzi Halevi’s Political Sabotage,” describing the man’s “rising against the Israeli political leadership.”
The report said Halevi's inappropriate behavior started during the first weeks of the war when the Army announced it was “ready for a ground attack,” accusing Netanyahu of delaying such an operation.
Mida then listed several other instances in which it described Netanyahu as a great leader who ordered strong attacks and deep military operations. It then accused the army of refraining from following his orders.
The report concludes that the “freeing of hostages file was the straw that broke the camel's back.”
In an April 2024 speech marking the six-month anniversary of the war, Halevi has said that it is time to end the war in Gaza and reach a prisoner swap deal with Hamas, while Netanyahu took a hardline stance, refusing to compromise on what he called “red lines.”
The Madi website also criticized Halevi for saying that the government was responsible for ordering the army of again operating in Jabalia, a decision that resulted in significant Israeli casualties.
“Halevi should have been dismissed as soon as the government was formed, and this was Netanyahu's mistake. But it is not too late to fix it. You can't win wars with rebel chiefs of staff,” the website wrote.