$90M in Crypto Vaporized in Iran by Hacker Group

September 3, 2025

A devastating cyber campaign has rocked Iran’s financial sector, with two deliberate attacks on prominent institutions: the crypto exchange Nobitex and Sepah Bank. The hacker group Predatory Sparrow took credit for both.

In what seems to be a dramatic escalation in digital warfare, the group, a collective many believe to be supported by Israeli intelligence, said it conducted both attacks in reprisal for the Iranian government’s ongoing attempts to evade international sanctions and fund terrorist groups. The outcomes have been disastrous, both for infrastructure and in actual financial losses.

The first attack hit Nobitex, the biggest bitcoin exchange in Iran. Unlike most cyberattacks, this one involved neither a ransom demand nor an attempt to keep the stolen assets. Rather, blockchain tracking company Elliptic claims the attackers destroyed almost $90 million worth of cryptocurrency. The assets were sent to vanity wallet addresses, crypto wallets from which funds cannot be recovered, with names like “FuckIRGCterrorists.”

The money is permanently lost once it is delivered to such addresses. “The crypto they stole has essentially been burned,” said Elliptic co-founder Tom Robinson. “The hackers quite obviously have political rather than financial motives.”

Predatory Sparrow accused Nobitex of helping organizations including the Islamic Revolutionary Guard Corps (IRGC), Hamas, the Houthis, and Palestinian Islamic Jihad to handle financial transactions. These groups are under worldwide sanctions for terror-related activity. Elliptic’s investigations confirmed links between Nobitex and wallets controlled by sanctioned entities.

The Nobitex website is still down. There has been no public statement, leaving users wondering whether any assets or data can be restored.

But the crypto sabotage was only the first attack.

Just a few hours later, Predatory Sparrow claimed yet another victory: Sepah Bank, one of Iran’s most venerable and powerful state-run banks. The hackers claimed in a statement that they had erased all internal bank data. To support their claims, they leaked records purportedly showing Sepah and the IRGC working closely together.

Their warning to others was clear: “Associating with the regime’s instruments for evading sanctions and financing its ballistic missiles and nuclear program is bad for your long-term financial health.” Who’s next?

Although Sepah Bank’s website eventually came back online, the effects on the ground were abundantly evident. Hamid Kashfi, an Iranian cybersecurity specialist based in Sweden, claimed Sepah’s online banking systems and ATMs remained non-functional following the attack. Millions of people depend on these systems. The disruption is real, Kashfi remarked. This was not only a strike aimed at a regime. It affected ordinary Iranians as well.

For Predatory Sparrow, this kind of collateral damage is not unusual. The group has already shut down Iran’s gas stations and rail system, and in 2022 it famously targeted the Khouzestan steel mill, causing molten metal to flood the factory floor. The group itself uploaded video of that event, which almost killed employees.

Though Predatory Sparrow bills itself as a domestic Iranian resistance group, its activities are too advanced and resource-intensive for a grassroots movement. Most cybersecurity experts believe Israeli intelligence organizations support the group, either directly or indirectly.

“This is not your typical group of hacktivists,” said John Hultquist, chief analyst at Google’s threat intelligence unit. “This actor is state-aligned and possesses precisely calibrated ability. They are delivering, not only menacing.”

By targeting both a crypto platform and a big bank, Predatory Sparrow made a strong statement: Iran’s financial architecture is weak, and those who help the government avoid sanctions or fund its defense projects could find themselves on the target list next.

The effects of these strikes will probably be felt across the region. Cyberattacks like this one could set new standards for how wars are fought, and won, as the line separating digital from physical warfare keeps blurring.