Monday, June 20, 2016
Iranian Hackers Attack Iranian Government Portals & Banks
The IRGC Organized Cyber Crime Investigation Center have reported that over 3,000 Iranian websites have been hacked by a group called the Mafia Hacking Team.
According to Tasnim news, IRGC Organized Cyber Crime Investigation Center spokesman Mostafa Alizadeh stated that, "The person who recently hacked state bodies' websites managed to access banks' data bases, including 3,000 pay slips... the person who introduced themselves as 'Mafia Hacking Team' in cyberspace and hacked websites of state bodies had identified well-known sites more than a year ago"
Alizadeh also added that, "This hacker tried to make these bodies realize that the security hole that exists in their portals but they did not pay any attention to this". In other words, Iran has been caught with her cyber-underwear exposed and is very red faced!
Mostafa Alizadeh stated that the attacker had also hacked various bank information, but did not publish the information (including 3,000 payslips) as the attacker "did not have criminal intentions", according to Alizadeh.
So it seems that Mafia Hacking Team are not black hat hackers but perhaps gray hat hackers?
The IRGC said that of the 3,000 websites attacked, 38 were Government sites, including the National Organization for Civil Registration (reported by the Iranian Young Journalists Club), Roads and Urban Development, Customs, Industries and Mines organizations. In addition, 370 University sites were also attacked.
Alizadeh was at least honest enough to admit that those "organizations do not use firewalls and lack enough experts for updating their security means". Not the best cyber security policy perhaps...
Labels:
Government,
hackers,
Iranian,
Iranian Labor News Agency,
IRGC,
Mafia Hacking Team,
Mostafah Alizadeh,
Organized Cyber Crime Investigation Center,
Tasnim,
YJC,
Young Journalists Club
Thursday, June 16, 2016
Iranian Hackers Find Security Bug in Telegram
The Iranian Young Journalists Club (YJC) report that the popular messaging application Telegram has a security hole which has been exposed by Iranian white-hat hackers (ethical hackers). The vulnerability could cause smartphones to crash.
Telegram's security claims challenge anyone to try and undermine its security. Two Iranian hackers have discovered a security hole in Telegram, in which it is possible to send files much larger that the existing permitted limit (set at 4,096 bytes).
The Iranian hackers uploaded a video to prove their exploit. In the video, they say that there are two responses from a recipient's phone when Telegram messages larger than 4,096 bytes are sent. Firstly, the recipient's internet bandwidth is accordingly reduced in relation to the size of the message until it finishes and secondly, the receiving device runs out of memory and then the application crashes the smartphone.
The hackers stated that the sender does not need to be in your contacts so you may never know the true attacker if they are using an additional SIM card, for example.
Telegram is very popular with over 25 million users in Iran and its popularity is mainly due to many rival applications being subject to Iran's filtering restrictions.
Also, Iranians like Telegram because of the ability to create private or public "channels" and broadcast ideas through those.
However, can you really trust the encryption that Telegram uses, compared to applications like WhatsApp which use Signal standard end-to-end encryption? This article shows that maybe Iranians should think twice about using Telegram...
Labels:
hackers,
Iranian,
Telegram,
YJC,
Young Journalists Club
Subscribe to:
Posts (Atom)
-
Safebreach experts report that a new Iranian cyber actor has used a exploit of Microsoft MSHTML Remote Code Execution (RCE) to infect farsi-...
-
It has been reported that Iran airline Mahan Air has be hit by cyberattack. According to news agencies Mahan Air customers received text mes...
-
امروز صبح خبر ناراحتکننده ماجرای دکتر فرهاد میثمی را دیدم. این عکسی از کمپ نازی نیست. او صد در صد قهرمان ایرانیهاست. ما باید صدایش باشیم....
-
Iran confirms that spy malware called Dino is targeting sensitive centers inside the country since one and half years ago. M...
-
Mahdi Karimi, the deputy-director of Ertebatat Zirsakht Communications Company stated in the company's inauguration speech, that ...
-
Symantec has revealed details about malware called "Regin". This shows a multi-stage attack that is capable of being adapted...
-
Just over a month ago, the US announced the indictment of Behzad Mesri (Skote Vahshat) who has been indicted by the FBI for computer fraud,...
-
Iranian state targeted the public and private sector in the US, Israel, UK and beyond using social media. Iranian hackers use more ...