The hacker group Gonjeshke Darande, originating from Farsi language and meaning “Predatory Sparrow”, caused serious disruptions for about 70% of Iran’s petrol stations, following a massive cyber attack on Monday. Apart from petrol stations, the group claims responsibility for previous attacks on Iran’s rail networks and steel factories too, as per Iranian state media. Petrol stations have been forced to operate their pumps manually as a result of the attacks.
- The group has been linked to Israel from past incidents, as reported by the Times of Israel. There could be potential connections, considering nearly 300,000 Iranian Jews who fled the 1979 revolution currently live in Israel. Many of these Jews were educated in Iran and speak fluent Farsi.
- The latest cyberattack is not the first of its kind disrupting Iranian fuel supply, the last one occurred in Oct 2021, with accusations made by Iran towards Israel and the US being the contributors behind those attacks.
- Although Iran’s civil defense agency is still investigating the recent attack, Iran’s Ministry of Petroleum reassured an Iranian television station that the disruption at gas stations does not impact fuel prices. Fuel in Iran is state-subsidized heavily, and previous attempts to raise fuel prices in 2019 had sparked major protests across the country.
The Predatory Sparrow group affirmed the cyberattack was a reply to the “aggression of the Islamic Republic and its proxies in the region”. They also stated that warnings were delivered to emergency services across the country before the operation began, and they consciously left a portion of the gas stations across Iran unharmed, even though they could have completely disrupted their operation.
The group only joined X, formerly known as Twitter, in December 2023 and has used the platform to declare and take credit for their cyberattacks, advocating for their motives and intentions throughout.