Masress : Experts see Iranian link in attempt to hack Syrian dissident

Egypt's golf chief Omar Hisham Talaat elected to Arab Golf Federation board Egypt extends Eni's oil and gas concession in Suez Gulf, Nile Delta to 2040 Egypt, India explore joint investments in gas, mining, petrochemicals Egypt launches National Strategy for Rare Diseases at PHDC'25 Egyptian pound inches up against dollar in early Thursday trade Singapore's Destiny Energy to invest $210m in Egypt to produce 100,000 tonnes of green ammonia annually Egypt's FM discusses Gaza, Libya, Sudan at Turkey's SETA foundation UN warns of 'systematic atrocities,' deepening humanitarian catastrophe in Sudan Egypt's Al-Sisi ratifies new criminal procedures law after parliament amends it Egypt launches 3rd World Conference on Population, Health and Human Development Cowardly attacks will not weaken Pakistan's resolve to fight terrorism, says FM Egypt's TMG 9-month profit jumps 70% on record SouthMed sales Egypt adds trachoma elimination to health success track record: WHO Egypt, Latvia sign healthcare MoU during PHDC'25 Egypt, India explore cooperation in high-tech pharmaceutical manufacturing, health investments Egypt, Sudan, UN convene to ramp up humanitarian aid in Sudan Egypt releases 2023 State of Environment Report Egyptians vote in 1st stage of lower house of parliament elections Grand Egyptian Museum welcomes over 12,000 visitors on seventh day Sisi meets Russian security chief to discuss Gaza ceasefire, trade, nuclear projects Egypt repatriates 36 smuggled ancient artefacts from the US Grand Egyptian Museum attracts 18k visitors on first public opening day 'Royalty on the Nile': Grand Ball of Monte-Carlo comes to Cairo VS-FILM Festival for Very Short Films Ignites El Sokhna Egypt's cultural palaces authority launches nationwide arts and culture events Egypt launches Red Sea Open to boost tourism, international profile Qatar to activate Egypt investment package with Matrouh deal in days: Cabinet Omar Hisham Talaat: Media partnership with 'On Sports' key to promoting Egyptian golf tourism Sisi expands national support fund to include diplomats who died on duty Madinaty Golf Club to host 104th Egyptian Open Egypt's PM reviews efforts to remove Nile River encroachments Al-Sisi: Cairo to host Gaza reconstruction conference in November Egypt will never relinquish historical Nile water rights, PM says Egypt resolves dispute between top African sports bodies ahead of 2027 African Games Germany among EU's priciest labour markets – official data Paris Olympic gold '24 medals hit record value It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game Russia says it's in sync with US, China, Pakistan on Taliban Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights Sudan says countries must cooperate on vaccines Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19 Egypt to tax bloggers, YouTubers Egypt's FM asserts importance of stability in Libya, holding elections as scheduled We mustn't lose touch: Muller after Bayern win in Bundesliga Egypt records 36 new deaths from Covid-19, highest since mid June Egypt sells $3 bln US-dollar dominated eurobonds Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform

Thank you for reporting!

This image will be automatically disabled when it gets reported by several people.

Experts see Iranian link in attempt to hack Syrian dissident

AP Published in Ahram Online on 02 - 08 - 2016

Syrian opposition activist Noura Al-Ameer was combing through her emails late one night when a message caught her eye. The sender was "Assadcrimes" and he promised information about Iranian meddling in the Middle East. But the email seemed odd.
Al-Ameer turned to her husband, cybersecurity trainer Bahr Abdul Razzak, in their small, book-cluttered home in the Turkish city of Gaziantep.
"Have you heard of this group before?" Al-Ameer asked.
"No," he said. "But let me check the email."
Abdul Razzak, a fellow at internet watchdog group Citizen Lab, quickly determined that the group was bogus. The email, sent on Oct. 3 last year, was an electronic trap — one of hundreds of malicious messages that have flown back and forth as rebels grapple with the government of Bashar Assad in Syria. This one had been aimed at snaring Al-Ameer in particular; the website registered by the hacker was in her name, suggesting an attempt to steal her identity.
Al-Ameer is a well-known opposition figure, and stealing her data or her identity could have been the jumping off point to attack other Syrians in and out of the country.
As Abdul Razzak and his colleagues tried to trace the hackers, they found a trail of digital clues leading to Iran. Their story — detailed in a report issued Tuesday by Citizen Lab, an interview with the couple and conversations with outside experts — raise the possibility that Iran has gone beyond sending men and materiel to tip the scale in Assad's favor.
The country's hackers may have joined the fray as well.
"It's not a shock," said Al-Ameer, a 29-year-old who spent six months in Syrian government detention before moving to Turkey in 2013. "They're fighting our people on the ground. I think it's normal for any side that fights you on the ground to fight you on the internet."
Evidence of an Iranian link is outlined in a 56-page report by Citizen Lab, based at the Munk School of Global Affairs at the University of Toronto. The group has made a specialty of tracking the hackers who've dogged Syria's opposition, which lead author John Scott-Railton said had turned into "something of a petri dish for threat actors in the Middle East."
The report says those behind the "Assadcrimes" website appear to have inadvertently exposed their site's logs, showing evidence that its creators accessed it in part from the Iranian internet space. The site itself briefly hosted a Farsi-language email service, and a string of data recovered from the malicious code used to target Al-Ameer appeared to refer to a developer who runs a malicious software site registered in the Iranian city of Shiraz.
The evidence isn't conclusive but it "lets us think that we're perhaps looking at a group that's operating from Iran," Scott-Railton said. He cautioned that it wasn't possible to say much about the group's potential sponsorship — government or otherwise.
An outside expert who evaluated Citizen Lab's report endorsed its work.
The botched cyberespionage attempt "is consistent with Iranian activity we've previous observed, in terms of operational security, social engineering, and technical sophistication," said John Hulquist, a threat intelligence manager at network security company FireEye, based in Milpitas, California.
Calls to Iran's Embassy in Paris were not answered Tuesday.
The hackers in Al-Ameer's case appear to have made some mistakes. But Scott-Railton said those who target Syria's scattered opposition activists are only as sophisticated as they need to be. Many groups operating in the area, including the pro-Assad Syrian Electronic Army, have used very simple tools and persistent trickery to repeatedly compromise savvier targets.
"Not all hacking in a conflict looks like Stuxnet," said Scott-Railton, referring to the complex computer bug widely suspected of being unleashed by the United States to sabotage Iran's nuclear program. "What this shows is how powerful social engineering is."
Al-Ameer said that, in a way, the hacking was scarier than when she says she was arrested and tortured at the hands of Assad's security forces.
"When they arrested me, I was careful just tell them what I wanted," she said. "When they hack you, they will know everything without harming you physically. For our case, it's more dangerous than arresting.
"Inside Syria or outside Syria, we're not safe."

Clic here to read the story from its source.