Iran encourages citizens to use a Message app that has previously been marked as a State Supervision Tool
- Advertisement -
- Iranian authorities forcing citizens to use a domestic messages -app to communicate with their families outside the country
- A security audit thought that Bale Messenger was not safe; E2EE protection is missing and shares data from sensitive users with the app server
- Iran has been experiencing an almost-total internet blockout since June 18, 2025, which influences the ability of citizens to communicate and gain access to information
While Iran enters the fifth day of an almost total communication-blackout, officials are said to encourage citizens to turn to a domestic message app to keep in touch with their families outside the country.
Fars News Agency – which is managed by the Islamic Revolutionary Guard Corps – shared a tweet On Friday, June 20, saying that foreign users, as well as the locals, can now use the Bale app to communicate with family members and friends during the malfunction on the internet.
However, there is a problem: security researchers have previously marked Bale (or Baleh) Messenger as a supervisory instrument. They not only found that the end-to-end coding protection was missing, but that it also has censorship and surveillance options.
The risks of Bale Messenger
Allegedly developed by a company with ties with the National Bank of Iran, Bale (which means yes in Persian) is an instant messaging application with voice-over-IP functions, a social media platform and even banking services.
Bale claims to use end-to-end coding (E2EE) to ensure that users remain chats in private.
According to data from the Iranian Minister of Communication and Information Technology, Bale had 16.5 million monthly active users From May 2023.
Given the growing popularity, security researchers from the Open Technology Fund decided to verify the claims of Bale and two other Iranian Messages apps (Eitaa and Rubika)) immediately Security audit. The tests were performed in December 2023 and October 2024 and discovered various privacy and security vulnerabilities.
Do you know that?
Iranian authorities maintained heavy internet restrictions against popular Western apps after the Countries 2022 mass protests. This has probably led to a peak in the use of Bale and other applications developed by Iran.
To begin with, auditors confirmed that all three apps used different forms of customer server coding, but had not engaged any E2EE protection, despite claims from the government.
Specifically, Bale was found with the help of “one form of coding that could easily be reversed in the context of coding the credit card details of a user” according to the audit.
All apps were reportedly also able to exchange messages with each other via a backend process called Message Exchange Bus (MXB), which auditors confirmed that it was a service from the state.
This meant that the app server could “view flat text messages because of the lack of E2EE in one of the apps”.
Researchers also found proof of “unexpected transfer of private data”.
It is crucial that when users click URLs that are shared via Messages, they seem to be sent to the backend server of the application.
“This would effectively enable the servers to check which websites are viewed by users within the app,” explained researchers who consider tactics “a mechanism for censorship and surveillance”.
The Bale app was also found to share the location data from users with the app server during the authentication.
What experts say
Researchers from the Open Technology Fund concluded their security audit by suggesting that they opted for safer messages -apps that actually use E2EE. These include signal (which also offers Anti-censorship Proxy servers), Session and wire.
The Iranian analyst for information security and lawyer of women’s rights Azam Jangrevi also issued their concern after the statement of Friday of the Iranian authorities.
Iran’s regime has cut internet access, so that millions are broken from loved ones abroad. Civil servants push the “Baleh” app, long marked by activists as uncertain and a tool for State Sturveillance. #Internetfreedom #iran #war #iranisrael conflict pic.twitter.com/3mbutogcdsJune 20, 2025
Jangrevi said to TechRadar: “The app, connected to the National Bank of Iran, has raised red flags because of potential spyware embedded in its code. The most important concerns include unauthorized surveillance, external device access and metadata collection in particular aimed at individuals with political influence.
“With those risks, analysts of citizens to avoid Baleh for sensitive communication. Instead, they focus on dealing with encrypted services such as Signal of WhatsApp (via Secure VPNs), although the connection quality varies. “
Iran’s Internet Black -Out
Iran has been suffering an almost total internet blockout since June 18, 2025 and has an influence on citizens’ ability to communicate and gain access to information.
Internet connectivity was briefly restored on Saturday (June 21) “When residents could exchange messages with the outside world”, Internet watchdog Netblocks reportedBefore you collapse again in the evening.
The latest data from Sunday (see image above) show that the country remains largely “offline”.
“At 72 hours, Telecom reduced the ability of the public to stay informed and stay in contact with loved ones,” Netblocks noted.
It is in this context that Iranians were too Asked to remove WhatsApp From their smartphones, with officials who are afraid that the app can be used as a source of strategic information for the opponent in the current conflict.
A series of limitations imposed by the government also started on 13 June and led to one Surge of VPN -Question in Iran That achieved peaks of more than 700% increase.
However, authorities seem to focus on VPN use on part of the Best VPN Apps are reportedly not working at all times.
Maybe you like it too
- Advertisement -
