This week, cyberwarfare took a terrible turn as hacker group Predatory Sparrow—known for accuracy and damage—launched devastating strikes on two important Iranian financial institutions: Sepah Bank, a major participant in the nation’s state-backed economy, and Nobitex, the top cryptocurrency exchange.

But unlike most cyberattacks in which the aim is to steal data or money, this one had a far more extreme goal: obliteration.

The group reported on Wednesday on its X account that it had hacked Nobitex and destroyed over $90 million in digital assets. These were not stolen and cashed out money. Rather, they were sent purposefully to vanity addresses—blockchain wallets—cryptographic dead ends with provocative names like “FuckIRGCterrorism.” These are unrecoverable once they are sent.

“This is an act of political sabotage, not financial gain,” co-founder of blockchain tracking company Elliptic, Tom Robinson, said. “The crypto they stole has burned rather nicely.”

The group’s justification was unambiguous: the Iranian government has long used Nobitex to evade sanctions and direct funds to militant organizations. Elliptic’s own information links Nobitex to wallets connected to IRGC operatives, Hamas, the Houthi rebels, and Palestinian Islamic Jihad—all of which are under international sanctions.

The website of Nobitex has been offline since the hack. The platform has not made a public comment; thus, it is yet unknown how users would be reimbursed, if at all.

Not enough, Predatory Sparrow also disclosed another significant attack that day—this one directed against Sepah Bank, one of Iran’s oldest and most powerful financial institutions. The group claimed to have erased all of the bank’s internal records and uploaded what it claimed to be internal records on Sepah’s participation in military operations in Iran.

The accompanying leak message seemed to be a threat: “Caution: Your long-term financial situation suffers when you support the instruments of the government for avoiding sanctions and fund its nuclear program and ballistic missiles. Whose next is it?

Sepah’s main website returned online rather fast, but the ground story was different. The cybersecurity company DarkCell’s founder, Hamid Kashfi, said he has confirmed from contacts inside Iran that ATMs and online services of Sepah Bank have stayed down. “People cannot pay for basic needs or access their wages. This is causing actual disturbance, not only a symbolic attack, he said.

The event has raised questions about the growing blurring of the line separating cyberwarfare from conventional warfare. Predatory Sparrow has a long history of launching well-publicized attacks, damaging infrastructure. From stopping Iran’s national railroads to closing gas stations all around the nation, the group has demonstrated that it can willfully paralyze important systems.

Its most infamous action to date happened in 2022 when it broke into an Iranian steel manufacturing facility, resulting in a catastrophic equipment failure almost sure to cause fatalities. Later on, the group made public video footage of the incident, so reinforcing its reputation for both digital and physical destruction.

Though they present themselves as a resistance movement, most analysts agree that Predatory Sparrow most certainly results from Israeli cyber activities. Their methods, tools, and access far outshine what average independent hackers could control.

“This group isn’t bluffing,” Google’s top cyber threat analyst John Hultquist said. They run with high-level capabilities, discipline, and intent. And they deliver when they swear devastation.

For Iran, the ramifications are major. Exchanges for cryptocurrencies such as Nobitex have been indispensable instruments for avoiding economic isolation. Eliminating one and burning $90 million in the process makes a clear statement: the era of crypto cover for approved governments could be almost gone.

Predatory Sparrow’s menacing query, “Who’s next?” will still be hanging online and other organizations connected to the Iranian government will probably be rushing to improve their digital defenses.

Because in this kind of modern warfare the next attack could strike without notice. When it does, the damage might not be reversible.