Military conflict and cyberwarfare are blurring quickly in their distinctions. And this week, Iran found that reality was shockingly obvious. Widely thought to be connected to Israel, the hacker group Predatory Sparrow launched two catastrophic attacks on Iran’s financial infrastructure in a bold and coordinated digital assault, crippling the crypto exchange Nobitex and demolishing Sepah Bank.

Not only is the range of the targets unique in this case. The intention is this. Predatory Sparrow destroyed rather than stole the money. Blockchain forensics company Elliptic claims that many, starting with politically charged words like “FuckIRGCterrorists,” the group burned over $90 million in cryptocurrencies by moving funds to irrecoverable vanity addresses. Once money is transferred to these addresses on the blockchain, it disappears permanently—basically, they are black holes.

Attack of this kind is rare. Elliptic co-founder Tom Robinson described the event as “an act of sabotage” instead of financial theft. “The hackers obviously have political rather than financial drives. Their pilfering of cryptocurrency has essentially been burned.

On its X account, Predatory Sparrow issued a public statement alleging Nobitex had evolved into a pillar of Iran’s sanction evasion tactic and a means of funding terrorist organizations. They claimed the trade helped direct money to groups including the Islamic Revolutionary Guard Corps (IRGC), Hamas, the Houthi rebels in Yemen, and Palestinian Islamic Jihad—all of which face international sanctions.

Nobitex’s website went down and has remained unreachable since the hack. The site has not posted any public comments. The silence just fuels doubts about the damage, perhaps being even more severe than stated.

But the group did not stop there. That same day, they claimed to have entered Sepah Bank, one of Iran’s biggest financial establishments. Predatory Sparrow claimed they deleted all internal data from Sepah’s systems and published records claiming financial links between the bank and the Iranian military. “Prudence: Your long-term financial situation suffers when you associate with the tools used by the government to evade sanctions and fund its ballistic missiles and nuclear programme. “Whose next?”

The website of Sepah Bank was momentarily disabled but subsequently came back. Independent sources, however, point to damage that transcended web accessibility.

According to Iranian cybersecurity researcher Hamid Kashfi, who founded DarkCell and resides in Sweden, sources in Iran claimed significant disruptions. “Sepah’s online banking systems and ATMs have been out of action since the attack,” he said. Millions of average people have suffered. Collateral damage has been rather extensive.

Predatory Sparrow has made headlines before this as well. The group earlier claimed responsibility for cyberattacks that brought Iran’s national railway to a standstill, disabled thousands of gas stations, and—probably most famously—hacked a steel mill in 2022. That operation almost killed workers, set off a fire, and let molten steel spill over. Among the most physically damaging cyberattacks in history, the hackers even posted a video of the event.

Though they present themselves as Iranian hacktivists, most cybersecurity experts think Predatory Sparrow runs under the direction or support of Israel’s intelligence services. Their activities are too exact, their targets too strategic, and their capacity too advanced to point the other way.

“This actor is quite serious and quite capable,” Google’s threat intelligence group chief analyst John Hultquist remarked. Many of the performers will be making threats. This is one that can carry out those promises.

The consequences of these strikes are rather large. Iran has been able to sustain its economy under international pressure and avoid economic sanctions for years by depending on crypto sites like Nobitex. Predatory Sparrow not only upset Iran’s finances but also sent a message to the world by eradicating those assets and revealing connections to militant organizations.

More importantly still, they warned others: anyone helping the Iranian government—by infrastructure, finance, or cryptocurrency—is fair game.

The digital battlefield is no longer secondary as tensions across the Middle East continue to rise and more cyber groups with political agendas spring forth. It’s central. And Iran is paying the cost right now.