Residents across Tehran and other Iranian cities were jolted awake by sounds of loud explosions in the early hours of Saturday morning, as Israel and the US launched joint attacks on Iran.
The attacks, which the US and Israel are calling “preemptive strikes,” come after a period of failed negotiations between the countries, and on the heels of mass protests in Iran earlier this year that saw the death of at least 3,117 civilians, according to government statistics.
Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an apparently hacked prayer-timing app called ‘BadeSaba Calendar’ that has been downloaded more than 5 million times from the Google Play Store.
The messages arrived in quick succession over a period of 30 minutes, starting with the phrase ‘Help Has Arrived’ at 9:52 am Tehran time, shortly after the first set of explosions. No party has claimed responsibility for the hacks.
Screenshots shared with WIRED Middle East show messages urging Iranian military personnel to surrender their weapons with the promise of amnesty. They also urged army personnel to join “the forces of liberation” and to “defend your brothers.”
The push notifications are all titled “Help is on the way”, and call on Iranian military members to surrender. Screenshot: WIRED Middle East
“The time for revenge has come,” one notification received at 10:02 am read (translated from Farsi). “The regime's repressive forces will pay for their cruel and merciless actions against the innocent people of Iran. Anyone who joins in defending and protecting the Iranian nation will be granted amnesty and forgiveness.”
“For the freedom of our Iranian brothers and sisters, this is a call to all oppressive forces—lay down your weapons or join the forces of liberation. Only in this way can you save your lives. For a free Iran,” another message sent at 10:14 am read.
Cybersecurity analysts confirmed that BadeSabah users had received notifications around the time of the strikes, but have not been able to identify the source of the hack. “At this point, we genuinely do not know who is behind them, whether it was Israel or other anti-government Iranian groups,” says Narges Keshavarznia, digital rights researcher at the Miaan Group, adding that no hacker group has claimed credit.
“Attribution in cases like this is always complex, and it’s still too early to draw conclusions.”
... continue reading