Iran oil terminal suffers malware attack

The BBC is reporting that websites belonging to the Iranian oil ministry and national oil company are offline after suffering a malware infection this weekend. Iran has disconnected all of its oil processing facilities as a precaution, including the facility at Kharg Island which processes more than 90% of Iran’s exports. The semi-official news agency, Mehr, reported that information about users of the websites had been stolen, but no sensitive data had been accessed. ...

April 24, 2012 · 2 min · 240 words · Omid Farhang

Banking System Vulnerability – 3 million bank accounts hacked in Iran [Updated]

As I said in the other post, Iran’s Central Bank has announced that the electronic information of 3 million customers of 10 Iranian banks has been compromised. These banks now require their customers to change their ATM PIN numbers before they can access their accounts. This has caused a rush to the ATM machines by the worried customers. The hacker was identified as Khosro Zare’, a former bank-system specialist in Iran who recently left the country. Zare’ claimed in a blog that he hacked the PIN codes to highlight the vulnerability of Iran’s banking system. ...

April 17, 2012 · 2 min · 225 words · Omid Farhang

Hacker divulges data on 10 Iranian banks, central bank warns clients [Updated]

An Iranian hacker published information about some 3 million debit cards of 10 Iranian banks, including codes and passwords. The information has been published by someone named “Khosrow Zare Farid” who was the manager of a company which operates the SHETAB payment network in Iran and produces and installs POS devices. “Around one year ago I found a critical bug in the system. Then I wrote and sent a formal report to all the CEOs of banks in Iran but none of them replied to me. Now I decided to publish the information. Governments tried to catch me by Iran Cyber Army but they failed,” he said, according to Kabir News website ...

April 15, 2012 · 2 min · 237 words · Omid Farhang

Iran increasingly controls its Internet [Update 6]

Washington Post wrote: TEHRAN — Whenever an Iranian blogger connects to the Internet from his office, he switches on a special connection that for years would bypass the Islamic republic’s increasingly effective firewall. But recently the software, which allowed them to go online through portals elsewhere in the world, stopped working. When it sporadically returns, speeds are so excruciatingly slow that sites such as Facebook become unusable. ...

February 9, 2012 · 2 min · 391 words · Omid Farhang

Iranian block on Tor traffic quickly foiled

The H-Security: The online privacy and security service Tor was blocked by the Iranian government late evening (local time) 13 September. This was done by adding a filter rule to the Iranian border routers which identified Tor traffic and blocked it. The blocking was quickly discovered by Tor and the project released a fix a few hours later. The fix consists of a new version of the Tor software, Tor 0.2.3.4-alpha, and once this is installed on relays and bridges, the company expects normal service to be resumed for users in Iran. ...

September 16, 2011 · 2 min · 232 words · Omid Farhang

An update on attempted man-in-the-middle attacks

Google: Today we received reports of attempted SSL man-in-the-middle (MITM) attacks against Google users, whereby someone tried to get between them and encrypted Google services. The people affected were primarily located in Iran. The attacker used a fraudulent SSL certificate issued by DigiNotar, a root certificate authority that should not issue certificates for Google (and has since revoked it). Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate. ...

August 31, 2011 · 1 min · 164 words · Omid Farhang

Iran: Computer Malware Sabotaged Uranium Centrifuges

A security man stands next to an anti-aircraft gun as he scans Iran’s nuclear enrichment facility in Natanz, 300 kilometers [186 miles] south of Tehran, Iran, in April 2007. Wired: In what appears to be the first confirmation that the Stuxnet malware hit Iran’s Natanz nuclear facility, Iranian President Mahmoud Ahmadinejad said Monday that malicious computer code launched by “enemies” of the state had sabotaged centrifuges used in Iran’s nuclear-enrichment program. ...

November 30, 2010 · 5 min · 976 words · Omid Farhang

Stuxnet in the news

The Stuxnet Trojan is very well covered in the media as more and more details about its sophisticated code become public. It abuses four previously unknown security vulnerabilities in Windows to enter the system and specializes in attacking Siemens processing systems. An interesting piece of information that hasn’t received much attention yet comes from heise Security: The nuclear plant in Bushehr isn’t really the target of the worm as rumours say, as the attacked systems aren’t approved for use in nuclear plants. ...

September 30, 2010 · 1 min · 81 words · Omid Farhang