In a significant shift, Iranian authorities are actively encouraging citizens to adopt a domestic messaging application, Bale, as a means of communication with family members residing abroad. This push comes in the wake of a near-total internet blackout that has persisted since June 18, 2025, severely limiting the ability of individuals to connect and access vital information.
According to Fars News Agency, which operates under the auspices of the Islamic Revolutionary Guard Corps, both local and foreign users are now able to utilize the Bale app to maintain contact during this unprecedented communication disruption. With 16.5 million monthly active users reported as of May 2023, Bale has seen a notable increase in adoption, particularly following the Iranian government’s restrictions on popular Western applications that were implemented after the widespread protests in 2022.
However, a recent security audit conducted by the Open Technology Fund has raised serious concerns regarding the safety of Bale and two other Iranian messaging apps, Eitaa and Rubika. The audits, performed in December 2023 and October 2024, revealed critical vulnerabilities in privacy and security protocols. While the apps employed various forms of client-server encryption, none provided end-to-end encryption (E2EE), a standard feature that ensures only the communicating users can read the messages exchanged.
Specifically, the audit highlighted that Bale utilizes an encryption method that could be easily compromised, particularly concerning sensitive data such as credit card information. Furthermore, the apps were found to be interconnected through a state-owned service known as the Message Exchange Bus (MXB), which raises alarms about the potential for state surveillance. The lack of E2EE means that the app server could access plaintext messages, undermining user privacy.
Researchers also noted the unexpected transmission of private data, revealing that when users click on URLs shared within the app, they are redirected to the application’s backend server. This mechanism could allow the servers to monitor user activity and browsing habits, effectively serving as a tool for censorship and surveillance. Additionally, the Bale app was found to share users’ location data with its server during the authentication process.
What experts are saying
In light of these findings, experts from the Open Technology Fund recommend that users consider more secure messaging alternatives that incorporate E2EE, such as Signal, Session, and Wire. Azam Jangrevi, an Iranian information security analyst and advocate for women’s rights, expressed her concerns regarding the Iranian government’s promotion of the Bale app, which has been criticized for its potential to facilitate unauthorized surveillance and data collection.
Iran’s regime has cut internet access, leaving millions disconnected from loved ones abroad. Officials push the “Baleh” app, long flagged by activists as insecure and a tool for state surveillance. #InternetFreedom #Iran #war #IranIsraelConflict pic.twitter.com/3mbuTogCds
Jangrevi cautioned that the app, linked to the National Bank of Iran, raises significant red flags due to potential spyware embedded within its code. Concerns include unauthorized surveillance, remote access to devices, and the collection of metadata, particularly targeting individuals with political or social influence. In light of these risks, analysts strongly advise against using Bale for sensitive communications, instead suggesting encrypted services like Signal or WhatsApp, albeit through secure VPNs, given the variable quality of connections.
Iran’s internet blackout
Since the onset of the blackout, which has left millions disconnected, the situation remains dire. Connectivity was briefly restored on June 21, allowing residents to exchange messages, but the service collapsed again later that evening. Internet watchdog NetBlocks reported that the country remains largely offline, with diminished telecommunications severely impacting the public’s ability to stay informed and maintain contact with loved ones.
In this challenging environment, Iranian officials have urged citizens to delete WhatsApp from their devices, fearing it may serve as a conduit for strategic information. The government has also imposed a series of restrictions since June 13, leading to a surge in demand for VPN services, with usage reportedly increasing by over 700%. However, authorities appear to be targeting VPN usage, as many of the most effective applications are now experiencing intermittent functionality.
