Desperate Iranian Ideas For Social Media Control

Mohammad-Ali Movahedi Kermani: not liking the Internet

In the latest desperate attempt to subvert the freedom of Iranian expression, the regime wants to enforce permits for foreign social network applications, such as Telegram and Instagram, with membership of 5000 or more users. The desire for such control also extends to other domestic platforms including Salam Up, Soroush, BisPhone, Cloob and Syna, along with advertising, news and entertainment channels on social media networks.

The cleric Mohammad-Ali Movahedi Kermani thinks that the Internet is a threat to Islam, because the Internet is full of rampant “tele-sex” and in his eyes is ultimately “immoral”. So concerned is Movahedi Kermani, that he puts the importance of subverting such “evil” as being above electoral issues or other pressing concerns, such as use of the Hijab.

Mahmoud Vaezi: deluded

Telecommunications Minister Mahmoud Vaezi thinks that channels with 5000 or more members should require permits so that the poor naive Iranian population can be assured such channels will not be fooling them with false information. Vaezi has been involved in Iran’s “filternet”, after Ahmadinejad’s attempts in 2007 to “control” the Internet, and now the replacement “national-Internet”, or Shoma, is vainly trying to do the same thing. Badly.

The Deputy Culture Minister for Communications Technology and Digital Media, Ali-Akbar Shirkavand, also wants a website that will soon be launched for administrators of such “channels” to register and continue their activities after authentication. The fear is, such controls by the regime could affect the opinions of journalists, artists and celebrities.

Cyber Police (FATA): Losing the plot

FATA chief, Brigadier General Kamal Hadianfar said that Telegram is the main platform for cybercrimes among mobile social networks. “The platform for 66% of the crimes is Telegram, while Instagram accounts for 20% and less than 2% is observed on WhatsApp,” he said, without clarifying what “cybercrimes” were being committed via such applications… perhaps they include (according to Shirkavand anyway) copyright infringement and the sale of “immoral” goods on such channels.

Kamal Hadianfar: battling the “evils” of social networks

A reality check: discord and feasibility

The regime’s desire to crack down on Internet freedoms is at odds with an overtly more liberal stance on such technology by Hassan Rouhani; Rouhani calls for more freedom of expression, but everyone else wants to suppress it #awkward. For example, Attorney General Hojjatoleslam Mohammad-Jafar Montazeri wants to shut down what he calls “anti-religion” networks and said of them: “Down with the freedom that is destroying everything…this is absolute enslavement”.

There is also the minor issue (conveniently overlooked by the regime) of Iran’s inability to see the encrypted communications of platforms such as Telegram, and vain requests to get access to servers that must be placed in Iran are naive, at best. Also, what are the sentences to be expected by such “cybercriminals” who would dare to use such platforms? The whole thing is a joke and everyone knows it (even the regime).

Iranian Cyber Police Arrest Three Telegram Channel Administrators

The Iranian Students News Agency (ISNA) reported on August 9 that the Cyber Police of Iran (FATA) have arrested some Telegram administrators.

According to FATA’s legal and international deputy, Hossein Ramazani, “Recently, the cyber police were informed of four Telegram channels that published insulting materials against religious topics. After liaison with Judiciary officials, measures were taken immediately to identify and arrest these people”.

On August 9, Ramazani continued, “The cyber police detectives found out that the administrators of these channels were in Iran. The four channels were immediately blocked, and the main administrator of the channels and one of his aides were arrested yesterday”.

Colonel Hossein Ramazani stated that three people were responsible for updating the Telegram channels and that the arrested administrators were from a city in Northern Iran.

FATA say that the administrators had published “blasphemous” pictures and materials against religious sacred things and leaders by using Photoshop or other editing software.

Cyber Police corruption

While it is possible that such blasphemy was committed, it is equally (and perhaps more so) likely that FATA had been monitoring accounts it previously gained access to (see my previous article here) and perhaps planted such blasphemy themselves to then use as evidence in the arrests? It would not be beyond them as they try in vain to control the youth of Iran.

Thankfully, Telegram do not host their servers in Iran and my fellow Iranians can still use Telegram, much to FATA’s frustration. It is best to enable two-factor authentication (2FA) for Telegram, and to have private, not public, channels where possible, which will help defeat FATA. Also, do not always trust who you are speaking with in channels: they may well be FATA…


Iranian Hackers Attack Iranian Government Portals & Banks

The IRGC Organized Cyber Crime Investigation Center have reported that over 3,000 Iranian websites have been hacked by a group called the Mafia Hacking Team.

According to Tasnim news, IRGC Organized Cyber Crime Investigation Center spokesman Mostafa Alizadeh stated that, “The person who recently hacked state bodies’ websites managed to access banks’ databases, including 3,000 pay slips… the person who introduced themselves as ‘Mafia Hacking Team’ in cyberspace and hacked websites of state bodies had identified well-known sites more than a year ago”.

Alizadeh also added that, “This hacker tried to make these bodies realize the security hole that exists in their portals, but they did not pay any attention to this”. In other words, Iran has been caught with her cyber-underwear exposed and is very red-faced!

Mostafa Alizadeh stated that the attacker had also hacked various bank information, but did not publish the information (including 3,000 payslips) as the attacker “did not have criminal intentions”, according to Alizadeh.
So it seems that Mafia Hacking Team are not black hat hackers but perhaps gray hat hackers?

The IRGC said that of the 3,000 websites attacked, 38 were Government sites, including the National Organization for Civil Registration (reported by the Iranian Young Journalists Club), Roads and Urban Development, Customs, Industries and Mines organizations. In addition, 370 University sites were also attacked.

Alizadeh was at least honest enough to admit that those “organizations do not use firewalls and lack enough experts for updating their security means”. Not the best cyber security policy perhaps…


Iranian Hackers Find Security Bug in Telegram

The Iranian Young Journalists Club (YJC) report that the popular messaging application Telegram has a security hole which has been exposed by Iranian white-hat hackers (ethical hackers). The vulnerability could cause smartphones to crash.

Telegram’s security claims challenge anyone to try and undermine its security. Two Iranian hackers have discovered a security hole in Telegram, in which it is possible to send files much larger than the existing permitted limit (set at 4,096 bytes).

The Iranian hackers uploaded a video to prove their exploit. In the video, they say that there are two responses from a recipient’s phone when Telegram messages larger than 4,096 bytes are sent. Firstly, the recipient’s internet bandwidth is accordingly reduced in relation to the size of the message until it finishes and secondly, the receiving device runs out of memory and then the application crashes the smartphone.

The hackers stated that the sender does not need to be in your contacts so you may never know the true attacker if they are using an additional SIM card, for example.

Telegram is very popular with over 25 million users in Iran and its popularity is mainly due to many rival applications being subject to Iran’s filtering restrictions.
Also, Iranians like Telegram because of the ability to create private or public “channels” and broadcast ideas through those.

However, can you really trust the encryption that Telegram uses, compared to applications like WhatsApp which use Signal standard end-to-end encryption? This article shows that maybe Iranians should think twice about using Telegram…


US Releases Iranian Hacker

30-year-old Iranian hacker Nima Golestaneh was extradited to the US from Turkey last year, suspected of a hacking attack against American military aerospace contractor Arrow Tech Associates (Vermont, USA).

In October 2012 Golestaneh broke into the servers of the company, which builds ballistics prediction and testing software, and accessed its databases in an attempt to steal software worth millions of dollars.

US investigators identified that Golestaneh was in Turkey and he was then extradited to the US last year for trial on charges of wire fraud, unauthorized access to computers and money laundering.

However, Golestaneh was pardoned by the United States and sent back to the Islamic Republic before being sentenced.
It seems that Golestaneh was part of an active Iranian hacking team that targets both US infrastructure and defense companies as well as the Las Vegas Sands casino email system.


Iranian Hackers Hacked New York Dam in 2013

Iranian hackers attacked the security of a dam outside of New York in 2013.
The hack of Bowman Avenue Dam near Rye Brook, New York, was not a sophisticated intrusion, but a test by Iranian hackers to see what they could access. The hackers got into the system through a cellular modem. The breach occurred during the same time that Iranian hackers were targeting US financial institutions.

The attackers were unable to get into the full dam system but could take control of the flood gates. Hackers can easily get into pieces of old critical infrastructure running on retro-fitted software that is connected to the Internet. The U.S. has more than 57000 industrial control systems (ICS), more than any other country, that are largely unprotected on the Internet.

According to researchers at Shodan, a search engine that catalogs each machine online, the systems range from office air-conditioning units to major pipelines and electrical-control systems. Most of the critical infrastructure in the U.S. is privately owned, making it difficult for governments to harden the systems against attack.


Iran’s Cyber Police Crackdown on Iranian Hackers

Iranian press has reported that the country’s cyber police arrested 70 hackers.

According to the Iranian Students News Agency (ISNA), the deputy commander of cyber police for legal and international affairs, Colonel Hoseyn Ramezani, said that the cyber police carried out an operation from 10 August to 8 September 2015 to identify hackers and individuals who manage websites which provide hacking training and software.

Colonel Ramezani added that cyber police monitored more than 15000 websites and identified 104 violations. Additionally, more than 70 hackers were identified and referred to the Judiciary.

It is possible that the cyber police exaggerate their claims in an effort to use such propaganda to frighten the Iranian hacking community, but time will tell.

Original ISNA Source


Operation Cleaver: Mass Hacking By Iranian State

Iranian hackers have been identified as the source of coordinated attacks against more than 50 targets in 16 countries, many of them corporate and government entities that manage critical energy, transportation and medical services.
According to Cylance, a security firm based in California, USA, over the course of two years Iranian hackers managed to steal confidential data from a long list of targets and in some cases infiltrated victims’ computer networks to such an extent that they could take over, manipulate or easily destroy data on those machines.
Cylance called the attacks “Operation Cleaver” because the word cleaver appeared often in the attackers’ malicious code.
The hackers used a set of tools that can spy and even shut down critical control systems and computer networks, and aimed them at targets in the United States, Canada, Israel, India, Qatar, Kuwait, Mexico, Pakistan, Saudi Arabia, Turkey, the United Arab Emirates, Germany, France, England, China and South Korea.
Victims of the attacks include: the US Marine Corps, a major airline, a medical university, an energy company that specializes in natural gas production, a car manufacturer, a major military installation and a large military contractor. The Islamic Republic also concentrated attacks on oil and gas industries and universities in the United States, India, Israel and South Korea and managed to steal pictures, passports and specific identifying information for students and faculty.
Cylance said it also collected worrying evidence of attacks on transport networks, including airlines and airports in South Korea, Saudi Arabia and Pakistan. Researchers said they found evidence that hackers gained complete remote access to airport gates and security control systems, “potentially allowing them to spoof gate credentials.”


Iranian Government Spying in Social Networking Sites

No one can deny that these days millions of Iranians rely on Facebook. The high number of Facebook users in Iran, which is estimated to be anywhere between four million and five million people, makes this a social phenomenon. Young Iranians are denied the most basic freedoms even in their private lives and without social liberties, what these users reflect on their Facebook pages is in effect how they would like to live.
Iranians use social networking sites among other things for political discussion, more open posting and publication of works of art and literature, the announcement of events that cannot be publicized in domestic newspapers and to find kindred spirits or like-minded people. But is it possible for Iranians to appear in any arena without Islamic Republic officials cracking down on them?
In June 2014 three Ahvazi citizens were sentenced to three years in jail for creating certain Facebook pages; membership on Facebook carried a one-year sentence. Some people are arrested for crimes against morality and public decency on Facebook. In July 2014, a Revolutionary Court sentenced eight people to 127 years imprisonment in total for being active Facebook users. In another instance the Malayer Security chief announced the sentencing of 22 Facebook users, and this is another long story.
Ali MirAhmadi, the deputy head of Iran Cyber Police has said: “The main objective of Iran’s Cyber Police is to promote cyber security through continuous observation and monitoring of cyber space. I advise all users to comply with the laws and regulations and avoid any form of offence within cyber space because the police have complete knowledge of it.”
In most cases as soon as someone is arrested for using Facebook, the Cyber Police regards him as either a spy, prostitute, enemy abettor or guilty of crimes against morals and public decency. The offences are considered to be proven in advance.
A lawyer says that judges often have no expertise in cyber technology and adds: “Judges have no expertise in computer technology and so everything goes back to the reports from the ministry of intelligence or the Cyber Police. The judge accepts these reports as expert opinions. Therefore, it is impossible to prove otherwise.”
An IT expert says the problem is that when an Iranian enters the World Wide Web, he must follow the model of use that suits his circumstances in Iran. “In our country, the internet and social networking sites are a venue for political activity. The government views this political activity as propaganda against the regime. Therefore, cyber space is under close scrutiny by the government.” The IT specialist goes on to conclude that for this reason, internet users in Iran must maintain different security criteria for themselves when they use the internet as opposed to people outside of Iran.