Skip to content

Iran pays millions in ransom to halt massive cyberattack on banks, sources say

Iran pays millions in ransom to halt massive cyberattack on banks, sources say An command prompt screen shows the codes. The Anonymous hacktivist group claimed an cyberattack to the National Bank of Iran as part of their acts against the Iranian government on Sep 26, 2022. (via X)
By Newsroom
Sep 5, 2024 11:14 AM

Iran paid millions of dollars in ransom in August to stop a massive cyberattack that targeted its banking system, according to sources familiar with the matter.

The attack, allegedly carried out by the hacker group IRLeaks, is believed to be the most severe breach Iran has faced in recent years, affecting nearly 20 domestic banks.

Hackers demand ransom to prevent data release

The hackers initially demanded $10 million in cryptocurrency to prevent the release of sensitive personal and credit card data from millions of Iranian bank customers. However, they later agreed to settle for a smaller sum of $3 million, according to industry analysts and Western officials briefed on the situation.

The data breach threatened to destabilize Iran’s already fragile financial system, which is under pressure due to international sanctions.

Cyberattacks can cause serious damage to countries. For example, cyberattacks cost German companies approximately 267 billion euros ($296 billion) over the past 12 months, according to a recent survey by Bitkom, the Federal Association for Information Technology, Telecommunications and New Media.

Iran pays millions in ransom to halt massive cyberattack on banks, sources say
Users see the blue screen of death errors on computer screens due to the global communications outage caused by CrowdStrike, which provides cyber security services to U.S. technology company Microsoft, Ankara, Türkiye, July 19, 2024. (AA Photo)

IRLeaks behind attack

IRLeaks, a group with a history of hacking Iranian companies, is believed to be behind the breach.

The group reportedly accessed the banks’ data through Tosan, a company that provides digital services to Iran’s financial sector. Tosan’s infrastructure was used as a Trojan horse, allowing the hackers to siphon data from private banks as well as the central bank. Among the affected institutions were the Bank of Industry and Mines, Mehr Interest-Free Bank, Post Bank of Iran, and others.

Iranian regime avoids public acknowledgment

Iranian authorities did not publicly acknowledge the cyberattack, which occurred in mid-August and forced banks to shut down ATMs across the country.

Notes placed on an ATM in Parand, Iran.

Opposition news outlet Iran International reported the attack at the time, but details about the hackers and the ransom demands remained undisclosed. Iran’s Supreme Leader Ali Khamenei indirectly addressed the attack, blaming foreign actors for creating “psychological warfare” without mentioning the banking system breach.

Iran pays millions in ransom to halt massive cyberattack on banks, sources say
Iran’s President Masoud Pezeshkian attends a televised interview on August 31, 2024, addressing the nation for the first time since assuming office late last month. (Photo via president.ir)

Iran’s fragile financial sector

Iran’s banking system has long been considered its Achilles heel. Already burdened by loans to the government and undercapitalized by international standards, Iranian banks are vulnerable to financial instability. With inflation nearing 40%, many Iranians depend on digital banking for daily transactions, making the system’s fragility even more concerning.

In a recent appearance on state television, Pezeshkian discussed the economic difficulties facing Iran, including high inflation, and assured the public that his administration is taking steps to resolve these issues.

“The people feel the current situation and high inflation. We have started working to solve the inflation problem,” Pezeshkian remarked, signaling his government’s commitment to stabilizing the economy.

We are actively engaging with around 40 countries and are in the process of negotiating agreements. We must bridge gaps in foreign policy to enhance our economic stability.

We must give investors confidence that we will create the conditions for their success and remove legal obstacles. If investors trust us, they will bring their money back to the country.

Iran’s President Masoud Pezeshkian

Pezeshkian emphasized the need to resolve internal differences and mend relations with neighboring countries and the international community, as these factors are closely tied to Iran’s economic success.

“We must resolve internal and external differences, as the economy is closely tied to diplomatic relations,” he stated, highlighting the link between Iran’s economic and diplomatic strategies.

Last Updated:  Sep 5, 2024 11:14 AM