TZUTC: -0500
MSGID: 1209.consprcy@1:2320/105 2cc68680
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
Iran encourages citizens to use a messaging app previously flagged as a state
surveillance tool

Date:
Mon, 23 Jun 2025 16:13:59 +0000

Description:
Iran-developed application, Bale Messenger was found to lack end-to-end
encryption and share users' sensitive data with the app server. Experts warn
against their use.

FULL STORY

As Iran enters the fifth day of a near-total communication blackout, 
officials are reportedly encouraging citizens to turn to a domestic messaging
app to stay in touch with their families outside the country. 

Fars News Agency  which is managed by the Islamic Revolutionary Guard Corps
shared a tweet on Friday, June 20, saying that foreign users, as well as
locals, can now use the Bale app to communicate with relatives and friends
during the internet outage. 

There's a problem, though: security researchers have previously flagged Bale
(or Baleh) Messenger as a state surveillance tool. Not only did they find 
that it lacked end-to-end encryption protections, but that it also has
censorship and surveillance capabilities.

The risks of Bale Messenger

Reportedly developed by a company with ties to the National Bank of Iran, 
Bale (which means Yes in Persian) is an instant messaging application that
includes voice-over-IP features, a social media platform, and even banking
services. 

Bale claims to use end-to-end encryption (E2EE) to ensure users chats remain
private. 

According to data coming from the Iranian Minister of Communications and
Information Technology, Bale had 16.5 million monthly active users as of May
2023. 

Considering its growing popularity, security researchers at the Open
Technology Fund decided to verify the claims of Bale and two other Iranian
messaging apps (Eitaa and Rubika) with a security audit . The tests were
carried out in December 2023 and October 2024 and uncovered several privacy
and security vulnerabilities.

Do you know?

Iranian authorities enforced heavy internet restrictions
against popular Western apps following the country's 2022 massive protests .
This has likely led to a spike in usage of Bale and other Iran-developed
applications. 

For starters, auditors confirmed that all three apps employed different forms
of client-server encryption, but none had E2EE protections enabled, despite
government claims. 

Specifically Bale was found using "one form of encryption that could be 
easily reversed in the context of encrypting a users credit card data"
according to the audit. 

All apps could reportedly exchange messages with each other, too, through a
backend process called Message Exchange Bus (MXB), which auditors confirmed
was a state-owned service. 

This meant that the app server "could potentially view plaintext messages due
to the lack of E2EE in any of the apps". 

Researchers also found evidence of "unexpected transmission of private data". 

Crucially, when users click on URLs shared via messages, they appear to be
redirected to the applications backend server. 

"This would effectively allow the servers to monitor which websites are 
viewed by users within the app," researchers explained, deeming the tactic "a
mechanism for censorship and surveillance". 

The Bale app was also found to share users location data with the app server
during authentication.

What experts are saying 

Researchers at the Open Technology Fund concluded their security audit by
suggesting opting for more secure messaging apps that actually employ E2EE.
These include Signal (which also offers anti-censorship proxy servers ),
Session, and Wire. 

Iranian Information Security Analyst and womens rights advocate Azam Jangrevi
also raised concerns following Friday's statement from the Iranian
authorities. Iran's regime has cut internet access, leaving millions
disconnected from loved ones abroad. Officials push the "Baleh" app,long
flagged by activists as insecure and a tool for state surveillance.

Jangrevi told TechRadar: "The app, tied to the National Bank of Iran, has
raised red flags due to potential spyware embedded within its code. Key
concerns include unauthorized surveillance, remote device access, and 
metadata collection especially targeting individuals with political or social
influence. 

"With those risks, analysts urge citizens to avoid Baleh for sensitive
communication. Instead, they suggest turning to encrypted services like 
Signal or WhatsApp (via secure VPNs ), though connection quality varies."

Iran's internet blackout

Iran has been suffering a near-total internet blackout since June 18, 2025,
impacting citizens' ability to communicate and access information. 

Internet connectivity was briefly restored on Saturday (June 21) "when
residents could exchange messages with the outside world," internet watchdog
NetBlocks reported , before collapsing again in the evening. 

The latest data from Sunday (see image above) shows that the country remains
largely "offline." 

"At 72 hours, diminished telecoms continue to impact the public's ability to
stay informed and in touch with loved ones," NetBlocks noted . 

It's in this context that Iranians were also asked to delete WhatsApp from
their smartphones, with officials fearing the app may be used as a source of
strategic information for its opponent in the current conflict. 

A series of government-imposed restrictions also began on June 13 and sparked
a surge of VPN demand across Iran that reached peaks of over 700% increase. 

Authorities, however, appear to be targeting VPN usage with some of the best
VPN apps now reportedly not working at all times.

======================================================================
Link to news story:
https://www.techradar.com/vpn/vpn-privacy-security/iran-encourages-citizens-to
-use-a-messaging-app-previously-flagged-as-a-state-surveillance-tool

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 114 206 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426