A TREND MICRO BLOG

Jan 5

Iranian President Ahmadinejad Official web site compromised

Rik Ferguson

Filed under: Hacking, Site Compromise | RSS 2.0 | TB | Tags: , , , , , | 3 Comments

Hot on the heels of the Cross Site Scripting attack on the Spanish EU Presidency site, the  official web site of President Ahmadinejad of Iran appears to have also been compromised.

The site www.ahmadinejad.ir, otherwise known as “Mahmoud Ahmadinejad – The Official Blog – Tehran, Islamic Republic of Iran“ has been compromised and is currently hosting a file called “owned.txt” at the URL http://www.ahmadinejad.ir/userfiles/file/owned.txt. UPDATE: The file has now been removed, see screen capture below.

Screen capture from compromised site

Click preview for larger image

The file says

“Dear God, In 2009 you took my favorite singer – Michael Jackson, my favorite actress – Farrah Fawcett, my favorite actor – Patrick Swayze, my favorite voice – Neda.
Please, please, don’t forget my favorite politician – Ahmadinejad and my favorite dictator – Khamenei in the year 2010. Thank you.”

 

The reference to “favourite voice” is probably referring to Neda Agha-Soltan who was shot dead during the 2009 Iranian election protests.

No further details are yet available on how the compromise was effected or who is responsible, if more information comes to light I will update this blog post.


Bookmark
| More

This entry was posted on Tuesday, 5. January 2010 and is filed under "Hacking, Site Compromise". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.

3 Comments

  1. Tuesday, 5. January 2010 um 12:28 pm

    [...] This post was mentioned on Twitter by clarinette, Rik Ferguson and Rik Ferguson, Romain. Romain said: Iranian President Ahmadinejad Official web site compromised http://goo.gl/o8Fu [...]

  2. Sunday, 10. January 2010 um 3:25 am

    [...] zijn erin geslaagd de officiële website van de Iraanse president “Mahmoud Ahmadinejad” te kraken. Ahmadinejad.ir, beter bekend als “Mahmoud Ahmadinejad – The Official Blog – Tehran, Islamic [...]

  3. Monday, 18. January 2010 um 2:03 pm

    [...] av året ble f.eks. den ofisielle hjemmesiden til den iranske presidenten Ahmadinejad hacket <http://countermeasures.trendmicro.eu/iranian-president-ahmadinejad-official-web-site-compromised/> . Omtrent samtidig ble hjemmesiden til den spanske regjeringen som ble laget spesielt for [...]

Leave a comment

XHTML allowed tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam protection

© Copyright 2010 Trend Micro Inc. All rights reserved.
Legal Notice. Disclaimer