Feeds

Iran president's weblog spews malware - false

Farsi-cal

Beginner's guide to SSL certificates

Reports that the new website of the President of Iran is trying to install malicious scripts on the PCs of visiting infidels are almost certainly the result of a false alarm by security packages rather than a hostile attack.

The new weblog of Iranian President Mahmoud Ahmadinejad made a splash in Western media when it launched earlier this week.

In the first posting on the site, the bricklayer-look-alike-turned-Persian-President talks about his early childhood in a village west of Tehran, his admiration for the leader of the Islamic revolution Ayatollah Khomeini and his antipathy for US foreign policy, particularly referencing the "Great Satan's" attempts to overthrow Iran's government and support for Israel. The weblog site - www.ahmadinejad.ir - is available in Farsi, Arabic, English and French and contains links for RSS fields as well as a picture gallery of the leader himself.

Commentators were quick to note the continuing internet censorship by the Iranian government, pointing to a recent campaign targeting dissident bloggers. Others pointed to the site's sloppy design which "failed all of the standard validation tests", The Telegraph notes.

Meanwhile, an Israeli blogger reports that browsing on the site generated a security alert from her Norton Internet Security software. Symantec's popular consumer security package reported that the site was attempting to exploit a vulnerability in Internet Explorer, as part of a potential malware attack, when Yael K, who maintain her own blog on immigrating to Israel, visited links from the President of Iran's website. She suggests the attack may be targeted specifically at surfers visiting the site from Israel.

Symantec is yet to respond to our requests for comment on the alert generated by its firewall software. But other security experts we asked found no evidence of malicious behaviour on the site.

"The most likely explanation is that there is some scripting on the site that, although not malicious, triggers an alert from Symantec's firewall software," said Carole Theriault, senior security consultant at UK-based net security firm Sophos.

"It is possible that malicious content has once been on the site, but has since been removed. It is also theoretically possible, though very unlikely in our opinion, that the malicious content targeted visitors from an Israeli address," she added. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.