Posts Tagged ‘cyber army’

Iran Cyber-Army Strikes Digital Certificate Authority

March 25th, 2011 03:00 admin

Last Wednesday, Comodo Group, the digital certificate authority and internet security company, got hacked. They issued nine fraudulent certificates for sites run by Google, Yahoo, Microsoft, Skype and Mozilla. It looks like the hack that got these certificates was run by the same Iranian cyber army that earlier hacked the Voice of America.

In a blog post, Comodo explained that login information for an affiliate was obtained and used to break into the Comodo server and issue the certificates.

According to Comodo’s Dr. Philip Hallam-Baker, the attacks came from Iran, though he warns the route may be a false trace.

“The IP address of the initial attack was recorded and has been determined to be assigned to an ISP in Iran. A web survey revealed one of the certificates deployed on another IP address assigned to an Iranian ISP. The server in question stopped responding to requests shortly after the certificate was revoked.”

Hallam-Baker rightly points out that seizing entry to such high-traffic consumer sites, all of which are communications properties, would be of particular use to “a government attempting surveillance of Internet use by dissident groups.”

The hackers could, with such access, intercept communications from individual users, plant malware on their accounts, harvest login information and block circumvention addons.

Was it Iran? Or was it a country Iran was helping? Or was it a false trail?

Cyber-warfare is becoming all too common. Iran has done a lot of it. But some of it, like the Stuxnet virus, has been done to Iran. Online connections and nodes are starting to assume the warfare importance radio stations had once upon a time.

Other sources: NYT Bits


Syrian Bloggers Arrested: This Week in Online Tyranny

February 24th, 2011 02:15 admin

Syria cracks down on bloggers. As the Jasmine Uprisings go on in Libya, Bahrain, Yemen and elsewhere, Syria has gone in the other direction, arresting bloggers. In the last month, Ahmad Abu Al-Kheir and Firaz Akram Mahmoud have been arrested and Tal Al-Mallouhi was sentenced to five years for her imaginary spying. A host of other Syrian bloggers remain jailed.

Although Syria recently loosened up its Internet filtering, this is clearly just a PR move. Remember, as awful as one death is and despite how violent the deaths of more than 500 Libyans may seem, the father of Syria’s leader killed between 20,000 and 40,000 people in Hama in 1982. These people are monsters.

Libya, Yemen & Bahrain. The uprisings and protests in these three countries continue on. Bahrain sent in tanks and troops to kill about seven protesters and injured hundreds but then backed off. Security forces chased and beat Yemenis but they continue their protests. Libya is the most violent, with many calling it less an uprising in the Tunisian sense and more of a civil war, with non-violence taking a severe beating as protesters arm themselves against tanks and live fire.

Behind the Jasmine Curtain. As the uprisings continue, it’s not just Syria using misdirection to continue or increase their oppression.

Arshama3’s list shows 68 journalists and bloggers currently arrested and incarcerated in Iran. At the same time, Iran’s “cyber army” hacked the websites belonging to the Voice of America.

Saudi Arabia is cycling through a new collection of imprisoned bloggers even as the kingdom’s women demand their rights – on Twitter.

Cambodia blocks popular blogs. “Cambodian authorities have ordered local Internet service providers to block a number of websites, including the popular KI Media news aggregator and commentary blog, considered critical of the government.”

Bahraini blogger and online editor freed. Want some good news? This is good news. Ali Abdulemam, held since the beginning of last September, has been set free in the release of political prisoners inspired by #feb14 and has reunited with his family. Abdulemam has run the popular BahrainOnline forum site for over six years. He was arrested the first time for it in 2005.

Map from Norman B. Leventhal Map Center


Voice of America Site Forced Offline By ‘Iranian Cyber Army’

February 22nd, 2011 02:06 admin


angry tapir writes with this excerpt from TechWorld: “The pro-Iran hacktivist group that defaced the Baidu and Twitter Web sites a year ago has hit another target: the US Government’s Voice of America news site. Voice of America was knocked offline temporarily after hackers were able to change the organization’s DNS (Domain Name System) settings, redirecting Web traffic hitting Voice of America sites to another site controlled by the hackers.”


Iran’s “Cyber Army” Hacks Voice of America

February 22nd, 2011 02:20 admin

Iran’s regime-controlled hackers have broken into a number of websites run by the U.S. government broadcasting organization Voice of America and changed their landing pages. This was confirmed by Iran’s semi-official state news agency, Fars.

The sites were reported to have been restored to normal but at last check the main English language site was still hacked.

As well as the English version, those in the Azeri, Dari, Pashtun, and Urdu languages carry, or did carry, the image of a machine gun, an Iranian flag and an anti-American statement.

This is an important proof of concept for the idea that any tool a “dissident” group like Anonymous can use can also be used by a government with the will and the know-how to do so.

According to Voice of America itself:

“VOA executives said the hackers did not penetrate any of the government-funded agency’s computer networks. They did gain entry to an outside computer system that operates a domain name server – a database of Internet addresses available worldwide – and redirected VOA traffic to the hackers’ own site.”

It was done because of VOA’s “anti-Islamic stand,” claimed the Fars Agency.

“The move came in response to the false reports released by the VOA and other websites on the spread and progress of seditious moves in Iran. VOA and its affiliates have long been supporting anti-Islamic Republic groups and sought to provoke unrests in Iran.”

The attack started Monday evening and is lasting into today.

This is far from the first time this Iranian group has hacked a site. Last January, they broke into the Chinese search engine Baidu, also redirecting it to a political message. The month before, they broke into Twitter.


Iranian Cyber Army Moves Into Botnet Renting

October 26th, 2010 10:21 admin

angry tapir writes “A group of malicious hackers who attacked Twitter and the Chinese search engine Baidu are also apparently running a for-rent botnet, according to new research from Seculert. The so-called Iranian Cyber Army also took credit last month for an attack on TechCrunch’s European website. In that incident, the group installed a page on TechCrunch’s site that redirected visitors to a server that bombarded their PCs with exploits in an attempt to install malicious software.”


Talk On Chinese Cyber Army Pulled From Black Hat

July 15th, 2010 07:49 admin

Trailrunner7 writes “A talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat conference in Las Vegas later this month has been pulled after concerns were raised by people within the Chinese and Taiwanese government about the talk’s content. The presentation was to be delivered by Wayne Huang, CTO of Armorize, an application security company with R&D operations in Taiwan. The talk was billed as an in-depth, historical look at the offensive capabilities and operations of China’s so-called cyber-army.”


Twitter Hackers Take Down Baidu

January 12th, 2010 01:51 admin

snydeq writes “The group that took down Twitter last month has apparently claimed another victim: China’s largest search engine Offline late Monday, at one point displayed an image saying ‘This site has been hacked by Iranian Cyber Army,’ according to a report in the official newspaper of the Chinese Communist Party and other Web sites. The Iranian Cyber Army first gained notoriety with its Dec. 18 Twitter attack. Baidu’s domain name records were the focus of the hack. On Monday, the company was using domain name servers belonging to HostGator, a Florida ISP, instead of the nameservers the company normally uses.”
