Iran is no stranger to the global digital security community. This week, cybersecurity firm FireEye released a report about a network of Iranian accounts and groups on social media platforms attempting to manipulate users and also hack their accounts. Though big stories like this tend to focus on Iranian cyber attacks against Western government interests and infrastructure, these networks of hackers are also causing major trouble for Iranian citizens as well.
Certfa, a digital security firm focusing on Iranian cyber threats, recently discovered a new range of criminal activities by Iranian hackers, which is costing Iran’s citizens millions of dollars each year. Their latest scheme is PushIran.DL, a malware that allows fraudulent ads to pop-up on Android devices, the most popular mobile device used by Iranians. …
Iran’s Cyber Police or FATA is the cyber arm of Iran’s Police which tries to protect Iranian people against cyber criminals and cyber threats.
Today, I tried to check their website and I was shocked. Why?
Because as you can see, their SSL certification has not been valid since 7th of November 2012. It’s nearly 3 years! It means no one in FATA has checked it since 2012 while their main duty is about digital security.
In the last days of 2014, Facenama- an Iranian version of Facebook- was hacked by anonymous hacker(s) and details of more than 116,000 users were published.
A few days after disclosing database, I downloaded it due to my curiosity that I really liked to know what kind of passwords is used by Iranians. Why?
Because we had not had such information that helped us to find out the most popular passwords in Iran.
The data volume was massive (more than 160,000 records) and it was difficult to analyse them. …