Iran is no stranger to the global digital security community. This week, cybersecurity firm FireEye released a report about a network of Iranian accounts and groups on social media platforms attempting to manipulate users and also hack their accounts. Though big stories like this tend to focus on Iranian cyber attacks against Western government interests and infrastructure, these networks of hackers are also causing major trouble for Iranian citizens.
Certfa, a digital security firm focusing on Iranian cyber threats, recently discovered a new range of criminal activities by Iranian hackers, which is costing Iran’s citizens millions of dollars each year. Their latest scheme is PushIran.DL, a malware that allows fraudulent ads to pop up on Android devices, the most popular mobile device used by Iranians. According to Certfa’s investigation, over 1.3 million Android devices are infected with PushIran.DL, …
Iran’s Cyber Police, or FATA, is the cyber arm of Iran’s Police, which tries to protect Iranian people against cyber criminals and cyber threats.
Today, I tried to check their website and I was shocked. Why?
Because, as you can see, their SSL certificate has not been valid since 7th of November 2012. It’s nearly 3 years! It means no one in FATA has checked it since 2012, while their main duty is about digital security.
In the last days of 2014, Facenama, an Iranian version of Facebook, was hacked by anonymous hacker(s) and details of more than 116,000 users were published.
A few days after the database was disclosed, I downloaded it out of curiosity, because I really wanted to know what kinds of passwords are used by Iranians. Why?
Because we had not had information of this kind to help us find out the most popular passwords in Iran.
The data volume was massive (more than 160,000 records) and it was difficult to analyse. …
Since 2009, I have worked in the digital security sector and have been involved in training many people from a wide variety of backgrounds and countries. In addition to this, I have had practical experience in helping a number of victims secure their accounts after Phishing attacks.
In my experience, the main reason why the majority of people lose their accounts is due to the increasing incidence of Phishing; a recent high-profile example of this is The Associated Press’ (AP) Twitter account being hacked by the Syrian Electronic Army (SEA).
So, whenever I talk about Phishing at digital security workshops, the majority of people ask how they can protect themselves and what is the easiest way to protect themselves. I always preface my answer by saying that no one can guarantee your digital security on the Internet and, if someone shows you a method and claims you are 100% secure, you should be sceptical. …
In the past few weeks, different reports came out regarding the hacking of Gmail accounts of Iranians inside the country. Sometimes even Gmail's two-factor authentication method was discussed. But maybe the most important reason for these speculations is that there isn’t enough information about these attacks in the first place.
The recent attacks are probably among the most sophisticated attacks that have ever happened. In these attacks, hackers with a great deal of information about their targets tried to hack their Gmail accounts, and in some cases they were successful, too.
It is obvious that these attacks are systematic and very well planned. Unlike traditional bulk attacks, the hackers tried to break very systematically into different accounts of certain targets, including their Gmail account. …
Back on 2nd May, I wrote an article about Iran’s startup bubble and made the point that the startup ecosystem in Iran is still in its infancy and needs more time to mature.
In mid-July, The Economist published a chart naming the top 3 startups in Iran. The first version of the article listed Digikala, Cafe Bazaar and Anetwork as the most valuable startups. On reviewing the chart, my suspicions were aroused by the data, especially the fact that Anetwork was valued at USD 3 million.
To find out the source of the data, I tweeted on Twitter. With the help of Nasser Ghanemzadeh, I traced the source to a World Startup Report (WSR) document. …
The word ‘startup’ has become ubiquitous in Iran and I have seen lots of events, workshops, etc. in which the word startup figures, the most famous being Startup Weekend.
One of the questions that I have had from the first day of the startup phenomenon in Iran was “Is this phenomenon a bubble or not?”
My answer is ‘yes’ to this question and I have different reasons for it. The two most important reasons are lack of both financial resources and experience.
The first reason why I think the startup phenomenon is a kind of bubble is funding. By that I mean Iran’s government and private sector have not been investing funds in Iranian startups. …
When Hassan Rouhani became President of Iran, most Iranian users and media talked about the easing of Internet censorship under Rouhani’s government. Previously, I have written a short post and explained when we can expect users to have unrestricted access to social network websites.
Rouhani has now been President of Iran for more than 5 months and his policies on freedom of expression in Iran are becoming clearer, especially after two recent incidents: the arrest of IT specialists by the Iranian Revolutionary Guard Corps (IRGC) and the blocking of some mobile apps such as WeChat. …
Hassan Rouhani is the first Iranian president that has a Twitter account and the Foreign Minister, Mohammad Javad Zarif, is the first politician in Iran that has a verified account on Twitter. In addition, Zarif is active on Facebook and posts his daily reports regularly.
Rouhani and his cabinet members have been active on social networks whilst most of them, like Facebook and Twitter, are blocked in Iran. It means Iranian users must use circumvention tools to access Facebook and Twitter and say hello to Mr. Zarif.
Most Iranian people have recently been optimistic, due to the government’s use of social networks, that this would ease the censorship of social networks. For example, on 16 September 2013, many Iranian users reported that they had access to Facebook and Twitter without any circumvention tools. This incident, which was due to the ‘technical glitch’, fuelled the theory that the government had removed the filtering of Facebook and Twitter. …
Google Reader has been shut down today and, to be honest, it’s not a big issue for most internet users around the world, except some of them such as Iranian users.
The main reason is the current state of the Internet in Iran, which a friend of mine mentioned previously: “Filternet”
Internet censorship is very sophisticated in Iran, although after the 2013 presidential elections the filtering situation is better and users can access Facebook, Twitter, etc. through VPNs and other circumvention tools. But the main issue remains and most websites and blogs are blocked in Iran. For instance, WordPress and Blogger are completely blocked! …