Millions receive defection alert after Iranian app hacked
A popular Iranian prayer-time app was hacked on Saturday morning, sending push notifications in Persian that urged military and security personnel to defect and join efforts to liberate the country.
BadeSaba, meaning ‘Morning Breeze’, functions as Iran’s equivalent of Google Calendar, managing birthdays, appointments, and delivering five daily notifications that prompt users to pause and pray.
With more than five million downloads on Google Play, the app provides prayer times, azan alerts, a qibla compass, and reminders for personal events, making it a deeply trusted routine tool for millions in Iran and among Persian speakers worldwide and especially used during Ramadan.
Iranian phones hacked
Users shared screenshots of the alerts on social media. Messages included “help has arrived”, calls to lay down weapons, promises of support or amnesty for those who switched sides, and appeals to fight for a free Iran.
Badesaba screen shot
WIRED noted that analysts linked the campaign to Israel, though no official claim of responsibility has been made and attribution in cyber operations remains challenging. Security researchers said the scale suggested prior access to the notification infrastructure, activated at a strategically sensitive time.
The incident coincided with communications disruptions and internet instability in Iran, complicating assessment of its impact.
This marks a shift in cyber tactics, turning a trusted everyday religious app into a channel for political and psychological messaging rather than solely targeting government systems.
Israeli officials have not commented publicly. Experts continue to investigate how the attackers gained control, possibly through the developer’s systems or a third-party service.
