IRLeaks attack on Iranian banks

In August 2024, an Iranian group called IRLeaks attacked Iranian banks. Politico described the attack as the “worst cyberattack” in Iranian history.[1][2] According to Politico, the Iranian government was forced to pay millions of dollars to IRLeaks in ransom.[1] Politico reported that 20 out of about 29 Iranian credit institutions fell in the attack.[3][4][1] The Iranian central bank, the Post Bank of Iran and the Bank of Industry and Mines were amongst the banks hit in the attack.[5] The attackers were likely freelance hackers seeking financial gain.[1] The attack occurred after the release of reports that Iranian hackers intervened in the 2024 presidential American elections.[6][7][8]

Bank Markazi Tower, where the Central Bank of Iran sits

Overview

edit

IRLeaks in their attack collected data on millions of Iranian customers including their credit card details. IRLeaks sought to sell their data on the dark web for 10 million dollars. Iran was forced to block ATMs in the country.[9] 20 out of 29 Iranian banks were hit including Sarmayeh Bank, Post Bank of Iran, Iran Zamin Bank, the Bank of Industry and Mines, Bank-e Shahr, Iran-Venezuela Bi-National Bank, Bank Day, Eghtesad Novin Bank, Mehr Interest-Free Bank. Saman, an international bank with branches in Italy and Germany was also hit.[1] According to TechCentral the hackers accessed the banks through a digital service firm called Toson.[9] According to DarkReading notes were placed in the blocked ATMs reading “"Dear customers, it is not possible to withdraw money from the bank because all of Iran's budget and national resources have been invested in the war for the benefit of the corrupt regime of the Islamic Republic."[8]

The government of Iran made a deal with the group to retrieve the stolen information. Iran did so in order to avoid the collapse of its insatiable financial system which it feared may weaken if Iranians were aware of the fragility of their network data theft. The Iranian financial system is characterized by government loans as well as un-capitalization. Due to financial instability, Iranian bank customers are at risk of bank runs. The Iranian economy is also under strain from international sanctions and suffers a yearly inflation rate of about 40%.[10] The Iranian economy also suffers from what Mazarei describes as the “heavy-handed role of the state, corruption, and the Central Bank of Iran’s failure to regulate and supervise the system”.[11][4][9]

The Iranian supreme leader blamed Israel and the United States without mentioning the cyberattack on the banking system. Politico remarked it was plausible Israel or the US were involved because of tensions with Israel as well as the Americans having accused Iran of intervening in the American 2024 elections.[12][13] Politico also remarked that the group was made of freelance hackers and the attack was likely carried out for monetary gain.[1] TechCentral said the attack was probably carried out by freelance hackers.[9] An Iranian firm paid the hackers no less than $3 million to IRLeaks to stop the attack and retrieve data.[1]

See also

edit

References

edit
  1. ^ a b c d e f g "Iran pays millions in ransom to end massive cyberattack on banks, officials say". POLITICO. 2024-09-04. Retrieved 2024-09-09.
  2. ^ "Iran interrogating software firm at epicenter of 'worst-ever' bank hack". Iran International. 6 September 2024. Retrieved 2024-09-09.
  3. ^ "List of Banks in Iran". Global Banking and Finance review. 13 June 2012.
  4. ^ a b "Iran Pays Millions in Ransom to End Cyberattack on Banks". Asharq Al Aswat. 6 September 2024.
  5. ^ "Iran's Central Bank Hit by Major Cyberattack". OilPrice.com. Retrieved 2024-09-09.
  6. ^ Sebin, Sam (16 August 2024). "Iran is now the biggest foreign threat to the 2024 elections". Axios.
  7. ^ Green, Justin (4 September 2024). "2024's triple threats on election disinformation". Axios.
  8. ^ a b Staff (17 August 2024). "Iran Reportedly Grapples With Major Cyberattack on Banking Systems". Dark Reading.
  9. ^ a b c d Kitson, Niall (2024-09-06). "Cyber attack on Iran's banking system exposes sensitive data". TechCentral.ie. Retrieved 2024-09-09.
  10. ^ "Iran Inflation Rate 1960-2024". www.macrotrends.net. Retrieved 2024-09-09.
  11. ^ Mazaeri, Adnan (June 2019). "Iran Has a Slow Motion Banking Crisis". Peterson Institute for International Economics.
  12. ^ Sebin, Sam (16 August 2024). "Iran is now the biggest foreign threat to the 2024 elections". Axios.
  13. ^ Watts, Clint (2024-08-09). "Iran Targeting 2024 US Election". Microsoft On the Issues. Retrieved 2024-09-09.