The pro-Israel hacktivist group Predatory Sparrow announced on Tuesday that it had successfully carried out a cyberattack against Iran’s Bank Sepah, reportedly taking the financial institution offline.
Known by its Persian pseudonym Gonjeshke Darande, Predatory Sparrow issued a statement via social media, indicating it had targeted Bank Sepah specifically due to the bank’s role in allegedly enabling the Iranian government to bypass international sanctions. According to the hackers, the institution utilized Iranian citizens’ resources to fund terrorist proxy groups, ballistic missile programs, and the country’s nuclear military projects.
In its online claims, Predatory Sparrow reported that the cyberattack involved the destruction of critical data held by the bank. Following the attack, independent sources reported widespread banking disruptions throughout Iran, affecting services significantly. Multiple Bank Sepah branches remained closed on Tuesday, with customers reporting inability to access their funds or banking services. Photographs circulated online by international journalists also showed ATMs in Iran displaying error messages.
Attempts to independently verify the cyberattack were unsuccessful. Emails sent to contacts at Bank Sepah’s Iranian headquarters resulted in delivery errors, while affiliates operating internationally in the U.K. and Italy did not respond to requests for comment. Efforts to secure further details directly from Predatory Sparrow also went unanswered.
This cyberattack coincides with escalating hostilities between Israel and Iran, marked by exchanges of aerial bombardments and missile strikes on sensitive military and nuclear facilities since last Friday. Predatory Sparrow has established itself as a notable actor within cyber conflicts targeting Iranian organizations over recent years. Cybersecurity experts have previously validated a number of the group’s past claims, including attacks on critical Iranian infrastructure with demonstrable impact.
Notably, the hacktivist organization has previously targeted an Iranian steel plant, reportedly triggering a fire and explosions, and has similarly disrupted the country’s gas station networks. Analysts caution against dismissing Predatory Sparrow as mere online provocateurs, given their history of sophisticated and impactful cyber intrusions against Iranian targets.
