Web-based news from Iran may contain malware

Do the street demonstrations in Iran, protesting the stolen elections by the mullahs, herald an upheaval similar to that which toppled the communist regimes in East Germany and Romania two decades ago? We will have to wait and see. One aspect of the unrest is noted in reports by the media: the Iranian opposition’s embrace of social media (ABC News), especially Twitter (YNet), to get around the government’s attempts to control information regarding this weekend’s contested election and subsequent protests. At the same time, Security Management reports that a security researcher is warning people that cybercriminals will use the crisis to spread malware. John Bambenek, of the Sans Internet Storm Center, warned people clicking on links in random tweets on events in Iran, that

From an information security perspective, the threat is leading people to malicious websites. Set up a blog with an archive of posts on the issue, “borrow” a few pictures of the conflict and post them.  Tweet a message that says “live images of protesters being shot at” and point to your blog that also includes pre-tested malware that is known to be not detected by AV vendors.  Twitter and social networking tools provide another mechanism to lead people to the cyber-threat where only e-mail was used before.  Twitter has no “anti-spam” features, everyone talking about a subject shows up.

So while the use of Twitter and other tools provide for a means to breach censorship rules of foreign regimes, it does not come without risks. Is the information valid? Is it leading you to malware infecting your machine?

Matthew Harwood suggests those looking to stay up-to-date on tweets in real-time regarding events on the ground in Iran, should check out Monitter, which monitors Twitter and aggregates tweets in one easy location.