Monday, June 20, 2016
Iranian Hackers Attack Iranian Government Portals & Banks
The IRGC Organized Cyber Crime Investigation Center have reported that over 3,000 Iranian websites have been hacked by a group called the Mafia Hacking Team.
According to Tasnim news, IRGC Organized Cyber Crime Investigation Center spokesman Mostafa Alizadeh stated that, "The person who recently hacked state bodies' websites managed to access banks' data bases, including 3,000 pay slips... the person who introduced themselves as 'Mafia Hacking Team' in cyberspace and hacked websites of state bodies had identified well-known sites more than a year ago"
Alizadeh also added that, "This hacker tried to make these bodies realize that the security hole that exists in their portals but they did not pay any attention to this". In other words, Iran has been caught with her cyber-underwear exposed and is very red faced!
Mostafa Alizadeh stated that the attacker had also hacked various bank information, but did not publish the information (including 3,000 payslips) as the attacker "did not have criminal intentions", according to Alizadeh.
So it seems that Mafia Hacking Team are not black hat hackers but perhaps gray hat hackers?
The IRGC said that of the 3,000 websites attacked, 38 were Government sites, including the National Organization for Civil Registration (reported by the Iranian Young Journalists Club), Roads and Urban Development, Customs, Industries and Mines organizations. In addition, 370 University sites were also attacked.
Alizadeh was at least honest enough to admit that those "organizations do not use firewalls and lack enough experts for updating their security means". Not the best cyber security policy perhaps...
Labels:
Government,
hackers,
Iranian,
Iranian Labor News Agency,
IRGC,
Mafia Hacking Team,
Mostafah Alizadeh,
Organized Cyber Crime Investigation Center,
Tasnim,
YJC,
Young Journalists Club
Thursday, June 16, 2016
Iranian Hackers Find Security Bug in Telegram
The Iranian Young Journalists Club (YJC) report that the popular messaging application Telegram has a security hole which has been exposed by Iranian white-hat hackers (ethical hackers). The vulnerability could cause smartphones to crash.
Telegram's security claims challenge anyone to try and undermine its security. Two Iranian hackers have discovered a security hole in Telegram, in which it is possible to send files much larger that the existing permitted limit (set at 4,096 bytes).
The Iranian hackers uploaded a video to prove their exploit. In the video, they say that there are two responses from a recipient's phone when Telegram messages larger than 4,096 bytes are sent. Firstly, the recipient's internet bandwidth is accordingly reduced in relation to the size of the message until it finishes and secondly, the receiving device runs out of memory and then the application crashes the smartphone.
The hackers stated that the sender does not need to be in your contacts so you may never know the true attacker if they are using an additional SIM card, for example.
Telegram is very popular with over 25 million users in Iran and its popularity is mainly due to many rival applications being subject to Iran's filtering restrictions.
Also, Iranians like Telegram because of the ability to create private or public "channels" and broadcast ideas through those.
However, can you really trust the encryption that Telegram uses, compared to applications like WhatsApp which use Signal standard end-to-end encryption? This article shows that maybe Iranians should think twice about using Telegram...
Labels:
hackers,
Iranian,
Telegram,
YJC,
Young Journalists Club
Subscribe to:
Posts (Atom)
-
Ashiyane Security Group (officially Ashiyane Information and Communication Technology Company) is one of the oldest cyber security group...
-
Web browsers generally allow users to send a "Do Not Track" signal that informs advertisers that the users do not want to be ...
-
Are Iranian hackers involved in using the " Mamba " ransomware (or possibly be behind the ransomware)? It seems unclear but an...
-
Duqu 2.0: ‘Almost Invisible’ Cyber Espionage Tool Targeted Russian Co., Linked to Iran Nuclear TalksA Russian cyber security company says that it has discovered a highly-technical, “almost invisible” cyber espionage tool that t...
-
Head of Iran Cyber Police (FATA) General Seyed Kamal Hadianfar asked for collective efforts by all world states to prevent the spread of...
-
Funeral reception of Mohammad Hussein Tajik News of the assassination of an Iranian Cyber manager has recently been released. Mohammad H...
-
Since my last post in October, there has been no confirmation of which group was behind the cyber-attack on Westminster, or the role of the ...
-
امروز صبح خبر ناراحتکننده ماجرای دکتر فرهاد میثمی را دیدم. این عکسی از کمپ نازی نیست. او صد در صد قهرمان ایرانیهاست. ما باید صدایش باشیم....