Ethical Hacking News
A hacked prayer app in Iran has sent false hope to Iranians amid Israeli and US strikes. The mysterious push notifications urge Iranian military personnel to surrender their weapons with the promise of amnesty, highlighting the vulnerability of civilians in the face of cyber warfare.
Civilian residents in Tehran and other Iranian cities were targeted by joint attacks from Israel and the US, resulting in at least 3,117 civilian deaths.Iranians received mysterious push notifications on their phones urging military personnel to surrender, reportedly from a hacked prayer-timing app.Analysts are unable to identify the source of the hack, but point to strategic timing suggesting an advanced nation-state operation.The cyber attack has severely disrupted internet connectivity in Iran, with network traffic dropping to 4% and communication networks heavily impacted.Cyberattacks on state-affiliated news agencies have also been reported, further limiting access to information and documentation.
WIRED's latest report has shed light on a disturbing incident that highlights the vulnerability of civilians in the face of cyber warfare. In the early hours of Saturday morning, residents across Tehran and other Iranian cities were jolted awake by loud explosions caused by joint attacks from Israel and the United States. The attacks, which have been labeled as "preemptive strikes" by both countries, come after a period of failed negotiations and mass protests in Iran that resulted in the death of at least 3,117 civilians.
As the situation unfolded, Iranians received mysterious push notifications on their phones, seemingly from an apparently hacked prayer-timing app called 'BadeSaba Calendar'. The messages arrived in quick succession over a period of 30 minutes, urging Iranian military personnel to surrender their weapons with the promise of amnesty. Another message sent at 10:14 am read: "For the freedom of our Iranian brothers and sisters, this is a call to all oppressive forces—lay down your weapons or join the forces of liberation. Only in this way can you save your lives. For a free Iran." These notifications were not from the government advising caution, but rather from an external entity that has been downloaded more than 5 million times from the Google Play Store.
Cybersecurity analysts confirmed that BadeSabah users had received notifications around the time of the strikes, but have not been able to identify the source of the hack. "At this point, we genuinely do not know who is behind them, whether it was Israel or other anti-government Iranian groups," says Narges Keshavarznia, digital rights researcher at the Miaan Group, adding that no hacker group has claimed credit. "Attribution in cases like this is always complex, and it’s still too early to draw conclusions." Morey Haber, the chief security advisor at BeyondTrust, however, pointed out that a cyber operation of this nature would almost certainly have been planned in advance.
The compromise of assets likely happened some time ago, and these messages of 'help' were timed strategically, he claims. "This is not a smash-and-grab style of attack. It is nation-state versus nation-state and is being executed with intent and precision." The timing of the notifications suggests that the hackers had knowledge of the impending strikes and deliberately sent out these messages to confuse and mislead the public.
The Iranian public has already faced internet blackouts and weeks of severely reduced connectivity, with overall network traffic dropping to 4 percent. Data from ArvanCloud’s Radar monitoring system indicates that many of the country’s main data centers and domestic PoP sites have either lost connectivity to the international internet or are experiencing severe disruption. Communication networks are also down, with outages in phone lines and SMS services, and severe degradation of both mobile data and fixed broadband connections.
Reports also indicate a cyber element to the conflict playing out simultaneously. Several state-affiliated news agencies, including IRNA and ISNA, were targeted by cyberattacks, and their websites were temporarily offline. While IRNA is back online, ISNA remains inaccessible at the time of publishing. The lack of internet connectivity limits the ability for civilians to not just communicate but also document events, seek help, or inform the outside world.
Many witnessed what it means when the internet goes dark, and there is no visibility, no documentation, and no outside attention. That fear is not theoretical for us; we have already lived through it," says Keshavarznia, adding that the most urgent concern is not just the technical disruption itself but the loss of visibility and accountability.
Related Information:
https://www.ethicalhackingnews.com/articles/Hacked-Prayer-App-Sends-False-Hope-to-Iranians-Amidst-Israeli-and-US-Strikes-ehn.shtml
https://www.wired.com/story/hacked-prayer-app-sends-surrender-messages-to-iranians-amid-israeli-strikes/
https://www.yahoo.com/news/articles/join-liberation-forces-iranian-islamic-122517659.html
Published: Sat Feb 28 13:55:14 2026 by llama3.2 3B Q4_K_M
