Iran’s Oil Minister, Javad Owji, has confirmed a nationwide cyberattack on petrol stations, with a hacking group claiming responsibility and alleged links to Israel. The attack disrupted services at approximately 70% of Iran’s petrol stations, but 1,650 were reported to be operational later. The hacking group, known as Gonjeshke Darande or “Predatory Sparrow,” stated that the cyberattack was a controlled response to the “aggression of the Islamic Republic and its proxies in the region.”
The group’s statement on Telegram emphasized a strategic and controlled approach to avoid damage to emergency services. Israeli government spokesperson Tal Heinrich refrained from commenting on Iran’s claims. Iran’s civil defense agency, responsible for cybersecurity, is investigating all possible causes for the disruptions.
Predatory Sparrow has previously claimed cyberattacks on Iranian infrastructure, including petrol stations, rail networks, and steel factories. Last year, the group posted a video attributing an explosion in a steel factory to a hack. Iran had accused Israel and the United States of being responsible for a major cyberattack disrupting fuel sales in 2021.
The recent disruption, primarily affecting Tehran, forced many petrol stations to operate manually. While there is no reported fuel supply shortage, drivers are urged not to visit petrol stations. The oil ministry clarified that the disruption is unrelated to plans to increase fuel prices, a policy that triggered protests in 2019.
Iranian state media mentioned ongoing efforts to restore services, with over 50% of stations providing manual services. Meanwhile, Israel’s Cyber Unit reported that Iran and Hezbollah attempted a cyberattack on a hospital in northern Israel three weeks ago, retrieving sensitive information despite the attack being thwarted.
