In a stunning cyber escalation tied to recent Israel-US airstrikes on Iran, a popular Shia prayer app was hacked to bombard millions of users with messages calling for regime defection and weapon surrender. The BadeSaba Calendar app, downloaded over 5 million times on Google Play, delivered these provocative push notifications right after explosions rocked Tehran and other cities on Saturday morning. No group has claimed responsibility, but experts suspect Israeli involvement as part of broader digital warfare.
Cyber Messages Spark Panic
The alerts began at 9:52 a.m. Tehran time with the title “Help Has Arrived,” followed by a barrage over 30 minutes. Screenshots verified by cybersecurity analysts show Farsi messages targeting Iranian military personnel, promising amnesty for those who “lay down your weapons” and join “forces of liberation” against the regime. One at 10:02 a.m. read: “The time for revenge has come. The regime’s oppressive forces will be held accountable… Anyone who participates in defending the Iranian nation will receive amnesty”. Another urged: “For the freedom of our Iranian brothers and sisters… lay down your weapons or join the liberation forces. Only in this way can you save your lives. For a free Iran”.
FCRF Launches Flagship Certified Fraud Investigator (CFI) Program
Context of Strikes and Cyber Campaign
These hacks coincided with “preemptive strikes” by Israel and the US, following failed diplomacy and Iranian protests that killed at least three civilians per official data. Iranian state media like IRNA was also compromised, broadcasting anti-regime content about blows to IRGC and Basij forces. Western intelligence links this to disrupting IRGC coordination, drone launches, and missile responses, capping a January campaign that hacked satellite broadcasts. Apps and government services in Tehran, Isfahan, and Shiraz failed amid the blackout.
Expert Analysis on the Hack
Cybersecurity firm Hunter Strategy’s Jake Williams called it a hallmark Israeli op, likely pre-planned. Digital rights researcher Narges Keshavarznia noted uncertainty: “At this point we genuinely do not know [the actors]—whether it is Israel or anti-government Iranian groups”. Analysts confirmed BadeSaba users got the notifications but couldn’t trace the breach origin. This fits Iran’s history of state-sponsored cyber threats, now facing coordinated retaliation.
This incident highlights cyber’s role in modern conflict, blending info ops with physical strikes to sow internal discord. As Iran retaliates, expect more digital fronts.
About the author – Ayesha Aayat is a law student and contributor covering cybercrime, online frauds, and digital safety concerns. Her writing aims to raise awareness about evolving cyber threats and legal responses.
