Anti-censorship software compromised with spyware


Popular Iranian proxy software found to include Trojan that reports user data

Tags: Cyber crime,  Iran,  Malware,  Syria

Anti-censorship software compromised with spywareA compromised version of the Simurgh proxy has been sending user data to a remote site registered with a Saudi ISP.
By Mark SuttonPublished June 3, 2012

A popular web proxy in use by Iranians and Syrians to bypass web censorship has been compromised, according researchers at the University of Toronto.

The Iranian-developed Simurgh standalone proxy, has been widely used in Iran to bypass web censorship and to allow the user to browse anonymously, but in compromised versions downloaded from the 4Shared file sharing service, an additional Trojan has been added to steal user data.

Security researcher Morgan Marquis-Boire, wrote in a blog post: “This Trojan has been specifically crafted to target people attempting to evade government censorship. Given the intended purpose of this software, users must be very careful if they have been infected by this Trojan”

The university researchers discovered the back door after making a closer examination of Simurgh as it has been growing in popularity among Syrians. The Trojan includes a keystroke logger, and appears to be sending data via HTTP post request to a remote site registered with a Saudi Arabian ISP.

Researchers say most anti-virus software should detect the Trojan, but if a user does detect an infection, they should assume that any sensitive data and accounts accessed via that PC may have been compromised and users should change passwords. The Simurgh website is also warning users to check their PCs.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Archives

Kractivism-Gonaimate Videos

Protest to Arrest

Faking Democracy- Free Irom Sharmila Now

Faking Democracy- Repression Anti- Nuke activists

JAPA- MUSICAL ACTIVISM

Kamayaninumerouno – Youtube Channel

UID-UNIQUE ?

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 6,228 other followers

Top Rated

Blog Stats

  • 1,846,087 hits

Archives

June 2012
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  
%d bloggers like this: