A secret letter from Iran's Central Bank just leaked, and it’s nothing but bad news. Every major bank has been told to enter full emergency mode immediately.
The letter warns of attacks, blackouts, and “loss of control” scenarios. Banks are being ordered to secure their data, activate backup systems, and keep money moving even if everything collapses.
This isn’t a drill. The directive is classified, urgent, and lays out exactly how to keep the financial system alive if the government falls apart.
This isn’t about regular protests. Their panic shows they’re expecting something far worse.
They’re prepping for a meltdown where cities go dark, systems crash, and people panic.
When banks start planning for survival, it means something serious is coming.
Date: ۱۴۰۴/۱۰/۸ (corresponding to approximately December 29, 2025 – January 18, 2026 in Gregorian calendar)
Received: Tehran
Priority: Urgent
Security: Confidential
Emblem: Islamic Republic of Iran – Ministry of Intelligence
Title:
معاونت نظام پرداخت و فناوریهای نوین
(Deputy for Payment Systems and Emerging Technologies)
Subject:
بانک مرکزی جمهوری اسلامی ایران
(Central Bank of the Islamic Republic of Iran)
Main Body:
جناب آقای بهاروندی – مدیر عامل محترم بانک کارآفرین
(Dear Mr. Baharvandi – Respected CEO of Karafarin Bank)
مدیر عامل محترم بانک گردشگری
(Respected CEO of Tourism Bank)
جناب آقای محمد فضایی پاکدهی – مدیر عامل محترم بانک مشترک ایران و ونزوئلا
(Dear Mr. Mohammad Fazaei Pakdehi – Respected CEO of Iran-Venezuela Joint Bank)
با سلام و احترام،
حسب اعلام مراجع ذیصلاح امنیتی، به استحضار میرساند با عنایت به تحرکات دشمنان پیرامون برنامهریزی خرابکارانه احتمالی در برخی حوزهها در مناطقی از کشور و حفظ آمادگی و ایجاد قدرت بازدارندگی در برابر تهدیدات سایبری، خواهشمند است دستور فرمایید موارد ذیل در دستور کار قرار گیرد:
توجه به احتمال خرابکاری در منابع تامین کننده برق اضطراری؛
(1. Attention to the possibility of sabotage in emergency power supply sources;)
تقویت نظارت در گیتهای بازرسی و شناسایی محموله و چهرههای مشکوک در سایتهای بک و واحد مرتبهن و سرویسدهی؛
(2. Strengthening supervision at inspection gates and identifying suspicious shipments and faces at backup sites, central units, and service provision;)
مراقبت از بخشهای خدمترسانی به ویژه خدمت رسانی شبکهای (بانکداری)؛
(3. Monitoring of service provision sections, especially network-based services (banking);)
آگاهی رسانی به مشتریان و تعیین راهکارهای جایگزین تولید و ارسال رمز پویا باتوجه به عدم وابستگی به پیامک همراه و برگزاری مانور؛
(4. Raising awareness among customers and determining alternative solutions for generating and sending dynamic passwords without reliance on mobile SMS, and conducting drills;)
تهیه و نگهداری پشتیبان سرد از دادههای حیاتی مشتریان و انجام آزمون بازگردانی داده؛
(5. Preparing and maintaining cold backups of customers' vital data and performing data restoration tests;)
ایجاد امکان ارائه سرویسهای پرداخت و دریافت پذیری بر پایه به صورت حضوری و غیرحضوری در سایت پشتیبان و بحران و برگزاری مانور ارائه سرویس؛
(6. Creating the ability to provide payment and acceptance services in person and remotely at backup and crisis sites, and conducting service provision drills;)
نظارت بر فرایندهای چرخه مدیریت آسیبپذیری داراییهای، به ویژه بهروزرسانیهای حیاتی و اتصال به موقع کنترلهای رفع یا کاهش آسیبپذیریها؛
(7. Monitoring the vulnerability management cycle processes for assets, especially critical updates and timely connection of controls to mitigate or eliminate vulnerabilities;)
ارتقای حساسیت مرکز عملیات امنیت در راستای کاهش زمان شناسایی مهار و ریشهیابی تهدیدات در راستای تحلیل رفتار کاربران و سیستمها برای شناسایی تهدیدات داخلی و فعالیتهای غیرعادی در سامانههای حیاتی؛
(8. Enhancing the sensitivity of the Security Operations Center to reduce the time for detection, containment, and root cause analysis of threats by analyzing user and system behavior to identify internal threats and abnormal activities in critical systems;)
ایجاد سرویس مشاهده و قابلیت انتقال موجودی مشتریان، بدون وابستگی به سامانه متمرکز بانکداری در سایت بحران و اجرای مانور ارائه سرویس.
(9. Creating a service for viewing and transferring customer balances without dependency on the centralized banking system at the crisis site, and conducting a service provision drill.)
This appears to be a single-page official letter from the Deputy for Payment Systems and Emerging Technologies of an entity associated with the Central Bank of the Islamic Republic of Iran, bearing the emblem of the Islamic Republic of Iran (likely routed through or in coordination with the Ministry of Intelligence, given the security context).
Header Details:
Document Number: ۱۴۰۴/۴۴۷۷
Date: ۱۴۰۴/۱۰/۸ (corresponding to December 29, 2025, in the Iranian calendar; approximately late December 2025 in Gregorian)
Receipt Location: Tehran
Priority: Urgent
Classification: Confidential
Recipients:
Mr. Baharvandi – CEO of Karafarin Bank
CEO of Tourism Bank
Mr. Mohammad Fazaei Pakdehi – CEO of the Iran-Venezuela Joint Bank
Greeting:
With regards and respect,
Main Content:
Based on reports from relevant security authorities, it is brought to your attention that, considering the enemy's activities in planning potential sabotage in certain areas of the country, and to maintain readiness and create deterrent power against cyber threats, please issue instructions for the following items to be prioritized:
Attention to the possibility of sabotage in emergency power supply sources;
Strengthening supervision at inspection gates and identifying suspicious shipments and individuals at backup sites, central units, and service provision areas;
Monitoring service provision sections, especially network-based banking services;
Raising customer awareness and determining alternative solutions for generating and sending dynamic (one-time) passwords without reliance on mobile SMS, along with conducting drills;
Preparing and maintaining cold backups of customers' critical data and performing data restoration tests;
Enabling the provision of payment and acceptance services (in-person and remote) at backup and crisis sites, along with conducting service provision drills;
Monitoring the vulnerability management cycle processes for assets, particularly critical updates and timely implementation of controls to mitigate or eliminate vulnerabilities;
Enhancing the sensitivity of the Security Operations Center (SOC) to reduce the time for threat detection, containment, and root-cause analysis through analysis of user and system behavior to identify internal threats and abnormal activities in critical systems;
Creating a service for viewing and transferring customer balances without dependency on the centralized banking system at the crisis site, along with conducting a service provision drill.
Closing:
Best regards,
Signature:
The bottom of the page has a boxed "Confidential" stamp in Persian ("محرمانه"). There is no visible handwritten signature or printed name of the signer in the provided image; it ends with the standard formal closing typical of official Iranian government correspondence.
This letter is an internal security directive urging Iranian banks to enhance cybersecurity and operational resilience measures in anticipation of potential sabotage or cyber attacks. No public reports confirm the existence or distribution of this exact document as of early 2026.
This image shows the continuation and end of the same official letter as the previous one. It appears to be the lower part of the document, picking up from the list of instructions and including the signature section.
Header (repeated from top):
Number: ۱۴۰۴/۴۴۷۷
Date: ۱۴۰۴/۱۰/۸ (approximately December 29, 2025, in the Gregorian calendar)
Received: Tehran
Priority: Urgent
Security: Confidential
Emblem and Title (repeated):
معاونت نظام پرداخت و فناوریهای نوین
(Deputy for Payment Systems and Emerging Technologies)
بانک مرکزی جمهوری اسلامی ایران
(Central Bank of the Islamic Republic of Iran)
Continuation of the Main Body (starting from item 10, as the previous page likely ended around item
9): ۱۰. ایجاد امکان تامین تجهیزات ضروری اصلی در راستای دستیابی به قابلیت بازیابی سریع در صورت بروز حادثه (مانند سیستم متمرکز بانکداری و غیره) در سایت پشتیبان و بحران بدون وابستگی به شرکتهای پشتیبانی؛
(10. Creating the possibility to provide essential primary equipment to achieve rapid recovery in case of an incident (such as the centralized banking system, etc.) at backup and crisis sites without dependency on support companies;)
Signature Section:
نوشته شده:
نويس آفرين مومن واقفی
Signature:
A handwritten signature above the line.
Position/Title (printed below):
نایب رئیس هیئت مدیره - عضو هیئت عامل و مدیر دستور العمل اجرایی
(Vice Chairman of the Board - Board Member and Executive Instruction Manager)
شرکت خدمات انفورماتیک - بانک مرکزی
(Informatics Services Company - Central Bank)
شرکت الکترونیک پردازش داده پرداز - شرکت آتیه داده پرداز
(Electronic Data Processing Company - Atieh Dadepardaz Company)
شرکت خدمات انفورماتیک راهبر - شرکت آتیه داده پرداز
(Informatics Services Rahbar Company - Atieh Dadepardaz Company)
مرکز مبادله ارز و طلای ایران - جهت آگاهی و دستور مقتضی اقدام مقتضی
(Iran Currency and Gold Exchange Center - For information and necessary action)
Footer:
محرمانه
(Confidential)
This page concludes the directive with one additional instruction (item 10) and is signed by Nooshafarin Momen Vaqefi (نوشآفرین مؤمنوقفی), who is the current Deputy for Payment Systems and Emerging Technologies at the Central Bank of Iran.
The document is a legitimate-style internal security advisory from the Central Bank of Iran, urging heightened preparedness against potential sabotage and cyber threats. As of January 2026, there are no public reports of this specific letter being leaked or distributed outside official channels, though Iran has faced ongoing cyber incidents in recent months.
Psh, "secret letter"?!
Com'mon mon, how about an "internal memo"...
Not that this is the silliest, but shit certainly has been getting silly lol
A secret letter from Iran's Central Bank just leaked, and it’s nothing but bad news. Every major bank has been told to enter full emergency mode immediately.
The letter warns of attacks, blackouts, and “loss of control” scenarios. Banks are being ordered to secure their data, activate backup systems, and keep money moving even if everything collapses.
This isn’t a drill. The directive is classified, urgent, and lays out exactly how to keep the financial system alive if the government falls apart.
This isn’t about regular protests. Their panic shows they’re expecting something far worse.
They’re prepping for a meltdown where cities go dark, systems crash, and people panic.
When banks start planning for survival, it means something serious is coming.
Source: @ ghorbaniiniyak
https://x.com/MarioNawfal/status/2007154926884168185?s=20
Grok Conversation translation of letter -
1st page -
Header (Top of the Page):
Number: ۱۴۰۴/۴۴۷۷
Date: ۱۴۰۴/۱۰/۸ (corresponding to approximately December 29, 2025 – January 18, 2026 in Gregorian calendar)
Received: Tehran
Priority: Urgent
Security: Confidential
Emblem: Islamic Republic of Iran – Ministry of Intelligence
Title:
معاونت نظام پرداخت و فناوریهای نوین
(Deputy for Payment Systems and Emerging Technologies)
Subject:
بانک مرکزی جمهوری اسلامی ایران
(Central Bank of the Islamic Republic of Iran)
Main Body:
جناب آقای بهاروندی – مدیر عامل محترم بانک کارآفرین
(Dear Mr. Baharvandi – Respected CEO of Karafarin Bank)
مدیر عامل محترم بانک گردشگری
(Respected CEO of Tourism Bank)
جناب آقای محمد فضایی پاکدهی – مدیر عامل محترم بانک مشترک ایران و ونزوئلا
(Dear Mr. Mohammad Fazaei Pakdehi – Respected CEO of Iran-Venezuela Joint Bank)
با سلام و احترام،
حسب اعلام مراجع ذیصلاح امنیتی، به استحضار میرساند با عنایت به تحرکات دشمنان پیرامون برنامهریزی خرابکارانه احتمالی در برخی حوزهها در مناطقی از کشور و حفظ آمادگی و ایجاد قدرت بازدارندگی در برابر تهدیدات سایبری، خواهشمند است دستور فرمایید موارد ذیل در دستور کار قرار گیرد: توجه به احتمال خرابکاری در منابع تامین کننده برق اضطراری؛
(1. Attention to the possibility of sabotage in emergency power supply sources;) تقویت نظارت در گیتهای بازرسی و شناسایی محموله و چهرههای مشکوک در سایتهای بک و واحد مرتبهن و سرویسدهی؛
(2. Strengthening supervision at inspection gates and identifying suspicious shipments and faces at backup sites, central units, and service provision;) مراقبت از بخشهای خدمترسانی به ویژه خدمت رسانی شبکهای (بانکداری)؛
(3. Monitoring of service provision sections, especially network-based services (banking);)
آگاهی رسانی به مشتریان و تعیین راهکارهای جایگزین تولید و ارسال رمز پویا باتوجه به عدم وابستگی به پیامک همراه و برگزاری مانور؛
(4. Raising awareness among customers and determining alternative solutions for generating and sending dynamic passwords without reliance on mobile SMS, and conducting drills;)
تهیه و نگهداری پشتیبان سرد از دادههای حیاتی مشتریان و انجام آزمون بازگردانی داده؛
(5. Preparing and maintaining cold backups of customers' vital data and performing data restoration tests;)
ایجاد امکان ارائه سرویسهای پرداخت و دریافت پذیری بر پایه به صورت حضوری و غیرحضوری در سایت پشتیبان و بحران و برگزاری مانور ارائه سرویس؛
(6. Creating the ability to provide payment and acceptance services in person and remotely at backup and crisis sites, and conducting service provision drills;)
نظارت بر فرایندهای چرخه مدیریت آسیبپذیری داراییهای، به ویژه بهروزرسانیهای حیاتی و اتصال به موقع کنترلهای رفع یا کاهش آسیبپذیریها؛
(7. Monitoring the vulnerability management cycle processes for assets, especially critical updates and timely connection of controls to mitigate or eliminate vulnerabilities;)
ارتقای حساسیت مرکز عملیات امنیت در راستای کاهش زمان شناسایی مهار و ریشهیابی تهدیدات در راستای تحلیل رفتار کاربران و سیستمها برای شناسایی تهدیدات داخلی و فعالیتهای غیرعادی در سامانههای حیاتی؛
(8. Enhancing the sensitivity of the Security Operations Center to reduce the time for detection, containment, and root cause analysis of threats by analyzing user and system behavior to identify internal threats and abnormal activities in critical systems;)
ایجاد سرویس مشاهده و قابلیت انتقال موجودی مشتریان، بدون وابستگی به سامانه متمرکز بانکداری در سایت بحران و اجرای مانور ارائه سرویس.
(9. Creating a service for viewing and transferring customer balances without dependency on the centralized banking system at the crisis site, and conducting a service provision drill.)
Footer:
محرمانه
(Confidential)
https://x.com/i/grok/share/FmZoyVSRqx4HBfDwQAJGf0nBo
Translation of the Document (Full Page)
This appears to be a single-page official letter from the Deputy for Payment Systems and Emerging Technologies of an entity associated with the Central Bank of the Islamic Republic of Iran, bearing the emblem of the Islamic Republic of Iran (likely routed through or in coordination with the Ministry of Intelligence, given the security context).
Header Details:
Document Number: ۱۴۰۴/۴۴۷۷
Date: ۱۴۰۴/۱۰/۸ (corresponding to December 29, 2025, in the Iranian calendar; approximately late December 2025 in Gregorian)
Receipt Location: Tehran
Priority: Urgent
Classification: Confidential
Recipients:
Mr. Baharvandi – CEO of Karafarin Bank
CEO of Tourism Bank
Mr. Mohammad Fazaei Pakdehi – CEO of the Iran-Venezuela Joint Bank Greeting:
With regards and respect,
Main Content:
Based on reports from relevant security authorities, it is brought to your attention that, considering the enemy's activities in planning potential sabotage in certain areas of the country, and to maintain readiness and create deterrent power against cyber threats, please issue instructions for the following items to be prioritized:
Attention to the possibility of sabotage in emergency power supply sources; Strengthening supervision at inspection gates and identifying suspicious shipments and individuals at backup sites, central units, and service provision areas;
Monitoring service provision sections, especially network-based banking services;
Raising customer awareness and determining alternative solutions for generating and sending dynamic (one-time) passwords without reliance on mobile SMS, along with conducting drills;
Preparing and maintaining cold backups of customers' critical data and performing data restoration tests;
Enabling the provision of payment and acceptance services (in-person and remote) at backup and crisis sites, along with conducting service provision drills; Monitoring the vulnerability management cycle processes for assets, particularly critical updates and timely implementation of controls to mitigate or eliminate vulnerabilities;
Enhancing the sensitivity of the Security Operations Center (SOC) to reduce the time for threat detection, containment, and root-cause analysis through analysis of user and system behavior to identify internal threats and abnormal activities in critical systems;
Creating a service for viewing and transferring customer balances without dependency on the centralized banking system at the crisis site, along with conducting a service provision drill. Closing:
Best regards,
Signature:
The bottom of the page has a boxed "Confidential" stamp in Persian ("محرمانه"). There is no visible handwritten signature or printed name of the signer in the provided image; it ends with the standard formal closing typical of official Iranian government correspondence.
This letter is an internal security directive urging Iranian banks to enhance cybersecurity and operational resilience measures in anticipation of potential sabotage or cyber attacks. No public reports confirm the existence or distribution of this exact document as of early 2026.
2nd page ⬇️
2nd page -
Translation of the Second Page (Image ID: 0)
This image shows the continuation and end of the same official letter as the previous one. It appears to be the lower part of the document, picking up from the list of instructions and including the signature section.
Header (repeated from top):
Number: ۱۴۰۴/۴۴۷۷
Date: ۱۴۰۴/۱۰/۸ (approximately December 29, 2025, in the Gregorian calendar)
Received: Tehran
Priority: Urgent
Security: Confidential
Emblem and Title (repeated):
معاونت نظام پرداخت و فناوریهای نوین
(Deputy for Payment Systems and Emerging Technologies)
بانک مرکزی جمهوری اسلامی ایران
(Central Bank of the Islamic Republic of Iran)
Continuation of the Main Body (starting from item 10, as the previous page likely ended around item
9): ۱۰. ایجاد امکان تامین تجهیزات ضروری اصلی در راستای دستیابی به قابلیت بازیابی سریع در صورت بروز حادثه (مانند سیستم متمرکز بانکداری و غیره) در سایت پشتیبان و بحران بدون وابستگی به شرکتهای پشتیبانی؛
(10. Creating the possibility to provide essential primary equipment to achieve rapid recovery in case of an incident (such as the centralized banking system, etc.) at backup and crisis sites without dependency on support companies;)
Signature Section:
نوشته شده: نويس آفرين مومن واقفی
Signature:
A handwritten signature above the line.
Position/Title (printed below):
نایب رئیس هیئت مدیره - عضو هیئت عامل و مدیر دستور العمل اجرایی
(Vice Chairman of the Board - Board Member and Executive Instruction Manager)
شرکت خدمات انفورماتیک - بانک مرکزی
(Informatics Services Company - Central Bank)
شرکت الکترونیک پردازش داده پرداز - شرکت آتیه داده پرداز
(Electronic Data Processing Company - Atieh Dadepardaz Company)
شرکت خدمات انفورماتیک راهبر - شرکت آتیه داده پرداز
(Informatics Services Rahbar Company - Atieh Dadepardaz Company)
مرکز مبادله ارز و طلای ایران - جهت آگاهی و دستور مقتضی اقدام مقتضی
(Iran Currency and Gold Exchange Center - For information and necessary action)
Footer:
محرمانه
(Confidential)
This page concludes the directive with one additional instruction (item 10) and is signed by Nooshafarin Momen Vaqefi (نوشآفرین مؤمنوقفی), who is the current Deputy for Payment Systems and Emerging Technologies at the Central Bank of Iran.
The document is a legitimate-style internal security advisory from the Central Bank of Iran, urging heightened preparedness against potential sabotage and cyber threats. As of January 2026, there are no public reports of this specific letter being leaked or distributed outside official channels, though Iran has faced ongoing cyber incidents in recent months.
https://x.com/i/grok/share/bfK86n6fJdl55KJpSLOylynQ0
If the Iranian central bank goes down, will this affect the others around the world?
We can always hope.
All the World is acting in this FIAT play.
Got ASSETS ?