The answer to 1984... is 1776

Friday, December 18, 2009

Iran controls twitter? ya right..

Editors Note: Once again the establishments attempts to demonize Iran. 
The quicker we learn Fear is the primary factor behind social engineering strategies
the quicker we expose their 'False Flag' operations. see Oct 30, 2008's RAND Lobbies Pentagon: Start War with (Iran/China) To Save U.S. Economy. (with sources.)

Expert social engineer specialist of the 1940's Bertrand Russell said it best:
"Collective fear stimulates herd instinct, 
and tends to produce ferocity toward 
those who are not regarded as members of the herd."

 The Guardian

Popular online messaging service Twitter was left reeling overnight, after Iranian hackers appeared to break into the site and deface it.

The strike left the site completely unavailable for several hours in the early hours of Friday morning, with the site's estimated 30m users unable to access the service or send messages to each other online.
The incident took place some time around 6am in the UK, when the main Twitter page suddenly seemed to disappear – instead replaced with a stark black and red screen featuring an image of a flag.
The page, which carried a mixture of English and Farsi slogans, appeared to name the group behind the attack and offer a call to arms.

"This site has been hacked by the Iranian Cyber Army," said the message.
"The USA thinks they control and manage internet access, but they don't. We control and manage the internet with our power, so do not try to the incite Iranian people."
The site returned to normal functions around two hours later, with staff telling users that it had suffered from "unplanned downtime".

Although early reports suggested the site itself had been breached by attackers, it now seems that the strike was actually a crude form of assault known as a DNS hijack.
The DNS, or Domain Name System, is effectively a telephone directory of the internet – connecting the name of a website, such as or, to the web servers that hold its contents.
In hijacking cases, computer criminals effectively redirect the traffic intended for a particular website, sending users to a page of their own choice rather than the planned destination.

Around two and half hours after the outage occurred, Twitter staff issued a short statement on the company's blog confirming the style of the attack it had suffered.

"Twitter's DNS records were temporarily compromised but have now been fixed," said the post. "We are looking into the underlying cause and will update with more information soon."

It is not the first time that Twitter has found itself subject to attention due to its links with Iranian activists.
During the uprising that followed the elections in June this year, in which incumbent president Mahmoud Ahmadinejad eventually triumphed, the US state department urged the site to remain online to allow more information about the protests to spread online.

Little is known, however, about the group who appeared to claim responsibility for hacking Twitter. But the nature of the messages they left appears somewhat confusing.

Though the text left by the hackers appeared to be anti-American, they also used the image of a green flag – the colour connected to the election protesters, and to Mir-Hossein Mousavi, the main challenger to President Ahmadinejad.

Twitter hack claimed by Iranian group

Twitter users were unable to send updates for 90 minutes overnight after the site was hacked by a group claiming to be the "Iranian Cyber Army".

The hackers also posted the slogan "Hezbollah is victorious" on the site in Arabic.
Twitter has been a popular tool for anti-Ahmadinejad activists in Iran who have used it raise awareness of their demonstrations against the Iranian president to western media.
As Twitter users can hide their real identities, it has been suggested the site could be used by western governments to encourage Iranians to demonstrate against Ahmadinejad.
Blogs and websites have become significant battlegrounds between people who support Ahmadinejad's regime and those who think he should be removed.

Earlier this week, Channel 4 News broadcast an interview with a defecting member of the Basij militia.
The subsequent blog posted by reporter Lindsey Hilsum has attracted a significant and heated response from readers, as so often happens when blogs are posted on the subject of Iran.

Twitter hack reveals
Ben Cohen, Channel 4 News technology correspondent, writes -
It's significant not just because of who are claiming to have succeeded in hacking into this high-profile service, but also because Twitter is touting itself to be the communications network of the future.

Twitter themselves say that the incident occurred as a result of an attack of Twitter's DNS- domain name system. These are the computers that translate the web address into the IP (internet protocol) number of the various servers around the world that power the Twitter service.

The hackers managed to redirect all requests for to their own server, where a page saying “This site has been hacked by the Iranian Cyber Army” appears.
A further message appears in Farsi, and in broken English the following also appears –

U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
Take Care

During the disputed Iranian election earlier this year, opposition supporters used Twitter in order to organise demonstrations and push news out to the rest of the world. The country attempted to block Twitter’s use from within Iran.

Just this week, our international editor Lindsay Hilsum conducted an interview with a defector from the Basij milita who confessed to having helped rig the election. We published the story and an untranslated 15-minute extract in Farsi, which brought high traffic levels to the Channel4 News.

Some were sceptical about whether today’s attack really came from Iran, but it’s now emerged that at the same time as Twitter was hacked, a similar message appeared on Iranian opposition news website This site still seems to be hacked.

The hack that occurred on Twitter itself is significant beyond any wider political motives. It shows that what is the world’s fastest growing communication network is rather insecure.

Being able to change the DNS records of a website means that rather than simply redirecting users to a vanity page identifying the hack, hackers could actually have redirected people to a site that looked rather like Twitter itself.
In a similar way to phishing attacks that mimic online bank accounts, the hackers could have encouraged users to login, thus revealing usernames and passwords.
Expert Rik Ferguson of Trend Micro told me: “One has to wonder how quickly the attack would be noted if the dummy site was an exact replica of the victim and was simply there to harvest credentials and redirect the user then into the real site.
“This attack is called “pharming” and currently mostly happens as a result of local malware modifying individual PCs, not through the compromise of global DNS records. But the potential is demonstrably there.
“Companies should be monitoring their DNS resolution on several servers to become aware as early as possible when this kind of attack takes place.
“If attacks like this can be said to serve any purpose at all, then perhaps they can serve as a reminder that we all need to absolutely ensure that our business partners meet our own high security standards, and that stands in both the on and offline worlds."
However, now more people access Twitter through third party applications and websites than through the website itself, so many would not have seen the page placed there by hackers. Even so, most of these sites still need access to to function, and so for most, it was impossible to post updates to Twitter at all for some time.
Biz Stone, the co-founder of Twitter, posted a blog saying: “As we tweeted a bit ago, Twitter’s DNS records were temporarily compromised tonight but have now been fixed.
“As some noticed, was redirected for a while but API and platform applications were working. We will update with more information and details once we’ve investigated more fully.”
But Twitter doesn’t have the best record when it comes to security. In the past it was revealed by bloggers that Twitter’s administration system had a password which was set as “password”. Two months ago, it was reported that their web servers were misconfigured to reveal vital internal network information.
Twitter isn’t just a small startup any more. They have raised $57m from venture capitalists and believe that by the end of 2013 they’ll bring in $1.54bn in revenue. If they are to be a prime communication tool for the masses, they need to get their security in order.

 From: Reuters was redirected for a while, but some applications were working, the company said on its blog.

Twitter was investigating the issue and would provide more information when available, it said.

According to media reports, the site was hacked for about two hours Thursday night by a group calling itself the "Iranian Cyber Army."

The group also hacked an Iranian opposition website, the reports said.
(Reporting by A.Ananthalakshmi in Bangalore)


The last major outage occurred in August, when a two-pronged wave of attacks crippled the service, leaving it completely inaccessible by users for an entire day.
That denial-of-service attack, which was directed at a single blogger who had written posts voicing support for the Republic of Georgia in that country’s continuing conflict with Russia, was lobbed at Facebook, LiveJournal, YouTube and other social networks, in addition to Twitter.
But Twitter was the only service that was completely overwhelmed by the cyberattack, and it struggled to get back online in its aftermath.


On the early hours of Friday morning, the Iranian Cyber Army "clatwitter" (no source provided) downimed it has hacked into Twitter. The microblogging site was down for nearly an hour, leaving millions in the eastern hemisphere tweetless. The reasoning behind this attack is suspicious, especially as Twitter was a core tool this summer for Iranian protesters to put their story out.

Twitter is back up now, saying in its status page that the DNS records were temporality compromised. Regardless, the alleged Iranian hackers managed to deface Twitter home page with the message: "This site has been hacked by the Iranian Cyber Army." (as per image above; click on it for a closer look).

The reasoning behind the attack is not known as of yet. The group was previously unknown, and some speculate this attack was carried out by pranksters, rather than pro-Iranian campaigners. Graham Cluley, from the Sophos security firm, writes on his blog that the message posted "does not necessarily mean that hackers from Iran are responsible for the defacement."

When Iran's presidential election was believed fraudulent this summer, protests turned bloody and the opposition used Twitter to put their message out to world. Actually, Twitter became the leading source of the story, with videos and photos pulled from the site by all major media outlets, which were banned from reporting from inside the country.

Twitter also did a favor for the Iranian protesters back in the summer, with intervention from the U.S. State Department. The site delayed a planned maintenance shutdown, only to be able to continue spreading the message of the Iran protests turned bloody. The events in Iran were also the biggest trending topic in the news category on Twitter this year, followed by swine flu and Gaza.

Twitter helped the people of Iran to put their message out when nothing else could. The reasoning behind the alleged hackers, the Iranian Cyber Army, several months later is nothing short of strange.

No comments:

Post a Comment