Israel-linked group claims cyberattack that shut down 70% of Iran’s gas stations

Gonjeshke Darande, a group claiming responsibility for the attack, claims that it is a response to Iranian aggression.

Hacking group previously linked to Israel has claimed to have crippled Iranian gas stations in a cyber attack.

The group “Gonjeshke Darande,” also known as the “predatory sparrow,” claimed to have disabled “the majority of gas pumps in Iran.”

The group stated in Persian and English that “this cyberattack is a response to the aggressiveness of the Islamic Republic in the region and its proxies.”

The group warned: “Khamenei – playing with fire comes at a cost.” “This is only a small taste of what’s to come.”

The group claims to have accessed the central servers and management systems as well as the payment systems at the gas stations.

Iran-backed groups like Hezbollah and Houthis have intensified their attacks on Israel since the beginning of Israel’s conflict with Hamas. The war began on 7 October with an onslaught in which Hamas terrorists killed around 1,200 people and kidnapped 240 others in southern Israel.

Iranian state media reported on the outage of close to 70% gas stations in the country. They cited a “software issue” as the reason and advised people to not rush to those stations that are still operating.

Iranian state TV cited a statement by the Oil Ministry of Iran that stated that more than 30 percent of gas stations are still in operation. About 33,000 gas stations are located in the country.

Gonjeshke Darande, in a second Telegram statement, said: “As with our previous operations this cyberattack was carried out in a controlled way while taking steps to limit any potential damage to the emergency services.”

We warned emergency services in the country about the planned operation and made sure that a few gas stations were not affected by the attack, despite the fact that we had the ability to disrupt the entire operation.

It is believed that the group has ties to Israel’s Military Intelligence Directorate.

The group claimed responsibility for an attack on the Iranian state-owned Khuzestan Steel Co. last year, which forced them to stop production. The group had targeted Iran’s fuel supply system a year earlier, causing gas stations to be paralyzed across the country.

Israel maintains an ambiguous policy regarding its operations against Iran. However, Israeli military correspondents who are regularly briefed by senior Israeli officials off the record, have strongly hinted at the fact that Military Intelligence Unit 8200 is responsible for the cyberattack 2022 on the Iranian Steel Plant.

These reports led Benny Gantz, then Israel’s defense minister, to order an inquiry into the media leaks which harmed Israel’s “ambiguity” policy.

Iran has experienced a number of cyberattacks in recent years on its railway system, industries, and filling stations. In the past, surveillance cameras in government building, including prisons have been hacked.

After the Stuxnet virus, widely believed to have been a joint US/Israeli invention, disrupted thousands Iranian centrifuges at the country’s nucleus sites in late 2000s.

Iran, which has been sanctioned for many years by the West faces difficulty in obtaining up-to date hardware and software. It often relies on electronics manufactured by Chinese manufacturers or older systems that are no longer patched, making it easier for potential hackers to target. Iran is awash with pirated Windows and other software.

Israel’s National Cyber Directorate confirmed that Iran and Hezbollah had been behind an attempt to hack into the Ziv Medical Center, Safed last month. The hacking was largely unsuccessful.

The directorate released a statement saying that the attack had been stopped by a coordinated effort between the IDF, Shin Bet and Health Ministry teams and hospitals.

The report added: “However it was discovered that the group stole sensitive information stored on the hospital’s system.”