A tech expert has revealed that his firm may have witnessed an ‘exotic new’ hack that tricked Iranian missiles into plunging into the Mediterranean Sea during the Iran-Israel war.

The war between Iran and Israel, which began in mid-June following a series of Israeli strikes on military, nuclear and civilian positions, saw both nations fire salvos of missiles and drones at each other. 

Like many missile systems found across the world, Iranian missiles rely on Global Navigation Satellite System (GNSS) data to find their way to their targets. 

Sean Gorman, the co-founder and CEO of Zephyr.xys, a tech firm that is working to improve location services on mobile phones, believes that he and his team witnessed a new defensive tactic that involved tricking missiles into flying against their programming. 

Spoofing normally works by sending a powerful radio signal that is stronger than GNSS signals from satellites, forcing a device to listen to the fake information. 

This means that devices believe they are at a false location. 

Ordinarily, spoofed GNSS data looks, to the device, like it has instantly teleported to another location. 

But Sean believes that what he and his team have seen is a highly sophisticated version of this meant to mimic the arcing flight paths of missiles and send them to safer locations. 

Israeli air defence systems are activated to intercept Iranian missiles over the Israeli city of Haifa amid a fresh barrage of Iranian rockets on June 16, 2025

Israeli air defence systems are activated to intercept Iranian missiles over Haifa amid a fresh barrage of Iranian rockets on June 19, 2025

Sean believes that what he and his team have seen is a highly sophisticated spoof meant to mimic the arcing flight paths of missiles

Sean said: ‘Missiles are guided munitions. They all track latitude and longitude and elevation the same way we navigate in our cars or the same way aeroplanes navigate.

‘You’re basically providing that same navigation system in ammunition so that it lands in exactly the right place. Jammers and spoofers have been incredibly effective at preventing guided munition from landing where you where they wanted to land and maybe where you instead getting it to go somewhere else or to fail.’ 

Sean said that his team began tracking spoofing and jamming practices while volunteering in Ukraine, and found that phones loaded with their software were good at tracking these types of attacks. 

Following an American government grant to further this research, phones loaded with Zephyr software were sent across the world to places known for their frequent electronic interference attacks. 

One mobile phone with Zephyr’s app made its way to Haifa in northern Israel, which like many cities in the nation, came under fire from Iranian missiles. 

It was through this mobile phone that Gorman and his team noticed a peculiar signal that different from spoofing and jamming techniques seen in the past. 

Sean told MailOnline: ‘The phone was in Haifa and the positions that the phones were reporting were off in the ocean. And instead of it being teleported to a fixed location, instead we see this arc.

‘There was a synthetically generated position that went in a curve. It’s one measurement from one phone, but it’s a new behaviour or pattern that we haven’t seen.’ 

He added that while he wasn’t 100% sure this was a new ‘push spoofer… it’s certainly not a pattern that we’ve seen before in that you know’.

A girl carries a doll at an impact site following Iran’s strike on Israel, amid the Iran-Israel conflict, in Haifa, Israel, June 22, 2025

Fire of Israeli attack on Sharan Oil depot is seen following the Israeli strikes on Iran, in Tehran, Iran, June 15, 202

Israeli Iron Dome air defense system fires to intercept missiles over Tel Aviv, Israel, Friday, June 13, 2025

This arcing pattern is likely to have been developed to trick the drone into following the fake data. 

‘If you’re teleporting with a big jump and it’s fixed, that would be a much different pattern than a guided munition that is on a trajectory. You want that thing to think it’s still on the trajectory. It continues on the path that the spoof operator is pushing,’ Sean said. 

‘They don’t realise they’re being spoofed because they’re continuing to go on a trajectory. That would fool a drone.’ 

While it’s not clear from Sean’s analysis exactly who perpetrated the hack, the signal is believed to have come from the Middle East.   

Many nations around the world are developing this kind of technology, Sean said, with the invasion of Ukraine being one of the key crucibles. 

He said: ‘There are lots of countries that have sophisticated technical engineers and specialty within GNSS. And each of those countries are constantly trying to evolve their [rivals’] electronic warfare capabilities.

‘We see this with the Russians and Ukrainians, who are constantly iterating and trying to defeat each other’s countermeasures in this kind of cat and mouse game.

‘Countries are investing and trying to provide countermeasures and defeats of those countermeasures so they can still operate in a battle situation like we’re seeing in the Middle East.’ 

But with the increased competition for these types of techniques comes the risk it will be used outside a military context, even in the Iran-Israel war. 

Last week, Frontline tanker Front Eagle and dark fleet tanker Adalynn collided last week near the Strait of Hormuz. 

The two oil tankers were brought to a halt, following a fire on the desk of the Front Eagle which was later extinguished. 

But in the days leading up to the collision, the UK’s Maritime Trade Operations issued a warning that ‘increasing electronic interference’ was being reported in the STrait of Hormuz. 

Sean said this event pointed to an increasing willingness for warring parties to use spoofing and jamming techniques that could have wider effects on civilians and commercial routes.

Commuters drive along a road as a plume of heavy smoke and fire rise from an oil refinery in southern Tehran, after it was hit in an overnight Israeli strike, on June 15, 2025

Israeli first responders and troops work in front of a building hit during an Iranian strike in the port city of Haifa on June 22, 2025

Members of the Israeli forces work at an impact site following Iran’s strike on Israel, amid the Iran-Israel conflict, in Haifa, Israel, June 22, 2025

‘We’re increasingly seeing this happen all over the globe and cause issues with global commerce with supply chains, with aviation. So even outside of the military context, we’re seeing this more and more in our daily lives.  

‘Jamming and spoofing are both prolific, though we see spoofing less frequently and it’s a bit harder to detect than jamming.

‘So while it was interesting to see spoofing activity happening they’re both risks to civilian and commercial operations.’ 

‘Collisions could be an issue both from an aviation standpoint, as well as a maritime standpoint’, Sean said, adding that the ability to ‘detect spoofing will be critical for civilian safety. That’ll be a really important area of R&D investment and where what we’ll need technological capacity both on a civilian and a defence perspective.’