Imagine your favorite app encouraging you to surrender during a war. That’s happening right now in Iran.
With the onset of open warfare, Israel reportedly hacked the popular prayer calendar app BadeSaba to distribute messages that, in another era, might have taken the form of pamphlets dropped from planes.
According to Reuters, app users received notifications stating “It’s time for reckoning” and urging members of the military to join the opposition to the regime.
The message, it’s claimed, was titled “Help has arrived.”
Hamid Kashfi, a security researcher and DarkCell founder, in a social media post said the app is an interesting target for reasons beyond its high number of downloads, said to be around 37 million.
“Users of the app are particularly religious people and have [a] higher chance to be also pro-regime and within [the] body of the army,” he wrote. “One important but seemingly ignored fact about this app is that it requests location access to operate.”
The availability of user location data and other app telemetry, he suggested, “can be (ab)used in many different and interesting ways!”
The app’s maker did not immediately respond to a request for comment.
Lukasz Olejnik, independent consultant, author, and visiting senior research fellow at the Department of War Studies at King’s College London, says that he predicted this very scenario in his 2024 book Propaganda.
He characterized the message campaign not as a cyberattack but as a psychological operation intended to influence Iranian society and the country’s security forces.
Olejnik told The Register in an email that there’s very little app users can do beyond being skeptical about what gets displayed on their screens – advice that may be difficult to follow given the expectations for push notifications.
“Push notifications are trusted by design,” said Olejnik. “The entire model assumes that if you installed an app, the messages it sends are legitimate.”
For software developers, he said, the lesson is that notification infrastructure becomes a high-value target, particularly during conflicts.
“Keep in mind that apps may delegate push delivery to third-party services or platform-level infrastructure, and then it’s even more complex,” he said. “Developers and operators should map how they use it and update their risk assessments accordingly. Especially those with significant user bases.”
Olejnik said that this is a consequence of infrastructure control. “Push notifications create an infrastructural, logical channel between the media or apps, and the user,” he said. “It’s an issue of architecture.” ®