Iran’s banking system was recently targeted by a massive cyberattack, which forced the country’s authorities to agree to a ransom deal worth millions of dollars. According to sources, the attack was carried out by a group known as IRLeaks, which has a history of hacking Iranian companies.
The cyber attack attack, which took place in mid-August, was considered the worst cyberattack Iran has ever seen.
The hackers, who are believed to be driven by financial motives, initially threatened to release individual account data from as many as 20 Iranian domestic banks unless they are paid 10 million in cryptocurrency. However, they later settled on a smaller sum of at least 3 million, which was paid by an Iranian software firm.
As per Politico, the hackers could breach the banks’ servers via a company called Tosan, which provides data and digital services to Iran’s financial sector. Using Tosan as a Trojan horse, the hackers were able to siphon data from both private banks and Iran’s central bank.
The hackers hacked data from both private banks and Iran’s central bank. Of Iran’s 29 active credit institutions, as many as 20 banks were hit.
After the attack, Iran’s supreme leader, Ayatollah Ali Khamenei, delivered a cryptic message, blaming the U.S. and Israel for “spreading fear among our people.” However, according to Politico, IRLeaks is affiliated with neither the U.S. nor Israel.
The affected banks included the Bank of Industry and Mines, Mehr Interest-Free Bank, Post Bank of Iran, Iran Zamin Bank, Sarmayeh Bank, Iran-Venezuela Bi-National Bank, Bank Day, Bank-e Shahr, Eghtesad Novin Bank, and Saman, which has a significant presence in Italy and Germany. These banks were among the many that were compromised in the massive cyberattack.
Despite the vulnerabilities of Iran’s banking system, Iranians continue to deposit their money in banks and rely on them for daily transactions. With an inflation rate of nearly 40 percent, many Iranians opt for digital payments to avoid the hassle of dealing with cash