Four major Iranian banks have been impacted by a cyber attack, according to the nation’s banking coordination council.
A shared communications infrastructure used by Bank Saderat, Bank Tejarat, the Export Development Bank of Iran, and Bank Melli suffered a cyber attack, according to reports; however, no customer data was impacted, officials said.
“Technical teams immediately implemented the necessary preventive and protective measures to protect customer data and the country’s banking infrastructure after identifying unusual signs,” the technical council said, as seen by Iranian state media.
You’re out of free articles for this month
To continue reading the rest of this article, please log in.
“Detailed technical investigations indicate that this disruption was caused by a limited cyber attack on the shared communication infrastructure of these four banks, and fortunately, no unauthorised access to customer information occurred and no information was deleted.”
Residents in Tehran reported that electronic payments had stopped working in restaurants and supermarkets, impacting operations and forcing them to shift to other manual payment recording.
Technical experts are now in control of infrastructure systems, and recovery operations are ongoing. Protective measures have been implemented.
The cyber incident was reportedly claimed by the Black Wolves Iranian hacking group, which announced the incident on Telegram.
Conflicts in the Middle East have driven a major increase in cyber activity in the region, with reports earlier this year saying there was a 130 per cent increase in cyber attacks.
“The phishing and malware campaigns we’ve observed are highly opportunistic. The Gulf is a high-value region due to its role in global energy, finance and trade, and the broader disruption following the escalation has created conditions where normal business operations may be under pressure,” security analyst Alina Bizga told Cyber Daily.
“In this context, phishing campaigns that mimic routine communication such as invoices, contracts, or banking requests are more likely to succeed, as they blend into existing workflows during periods of uncertainty.”
Bitdefender said that while it cannot directly attribute specific state-sponsored actors, it believes that criminal actors may also be using the conflict as an opportunity to launch cyber attacks.
Want to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.
Daniel Croft
Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.