I have just received an email from the Israeli hacker dubbed you-ri-k@n providing me with some details about a peculiar Cyber Attack against an Iranian news web site. It looks like you-ri-k@n has a kind of predilection for Iran: you will probably remember him for his last cyber attack (nearly a couple of months ago) targeting the Iranian Meteorological Organization.
This time the victim is the Islamic Republic Of Iran Broadcasting World Service, whose main page currently shows a fake news item reporting the death of Mahmoud Ahmadinejad, the sixth and current President of the Islamic Republic of Iran, in a plane crash.
Clicking on the “News” button redirects the user to an image where (few) additional details about the fake incident are provided:
A few days ago, with the flame still burning, Iranian officials claimed to be under the fire of a massive cyber attack. Of course this isolated episode may not be compared with Stuxnet or The Flame; nevertheless it shows that, even if on a microscopic scale, the cyber tension between the two countries is still high.
- A New Beginning For The Middle East Cyberwar? (hackmageddon.com)
After several months of silence, a new resounding dump in the Middle East.
I have just received an email message from you-r!-k@n, one of the early pro-Israeli contenders of the Middle East Cyber War, advising me of a new huge dump against an Iranian Server (irimo.ir, Iranian Meteorological Organization), which is currently unavailable. He claims to have acquired administrator privileges for the domain (1500 computers and servers, 400 users), and has posted some screenshots as evidence, along with the list of 400 Active Directory Users.
Of course I have decided not to publish the list except for a small sample (which appears to come from a Windows 2000 Server), but I cannot help but notice that, after a couple of months of silence, this is the first new event that closely resembles the resounding dumps which characterized the very first stage of the Middle East Cyber War.
Will this be an isolated episode or a brand new precursor of a new wave of attacks in the Middle East?
Update: Irimo.ir is currently unavailable; however, I was given a screenshot of the site before it was taken down. Looking at the messages left on the devastated site (which announced the erasure of the Active Directory), it is interesting to notice the reference to the Nuclear, as if to reaffirm that the standoff between Israel and Iran about the Nuclear Strategy of Tehran is also influencing the Cyber Space.