FBI – Iranian Cyber Actors Targeting Defense Contractors, Schools and Energy Sector


The following document was obtained from the website of the Marshfield, Wisconsin Chamber of Commerce.


FBI Liaison Alert System #M-000045-TT

  • 10 pages
  • TLP: GREEN
  • December 5, 2014


The FBI is providing the following information with HIGH confidence:

A group of cyber actors utilizing infrastructure located in Iran have been conducting computer network exploitation activity against public and private U.S. organizations, including Cleared Defense Contractors (CDCs), academic institutions, and energy sector companies. The actors typically utilize common computer intrusion techniques such as the use of TOR, open source reconnaissance, exploitation via SQL injection and web shells, and open source tools for further network penetration and persistence. Internet-facing infrastructures, such as web servers, are typical targets for this group. Once the actors penetrate a victim network, the actors exfiltrate network design information and legitimate user credentials for the victim network. Oftentimes, the actors are able to harvest administrative user credentials and use the credentials to move laterally through a network.

According to public network registration information, IP addresses previously utilized by this group were assigned to “Tarh Andishan.” The group primarily utilized two Iran-based IP addresses to conduct its activity, 78.109.194.114 and 217.11.17.99. There has been no recent activity from these IP addresses since early 2014; however, the group now primarily utilizes a series of proxy or midpoint infrastructure in support of their computer network operations. The most recent midpoint infrastructure used by this group was located in the United Kingdom and the Netherlands.

Tools: The following tools have been known to be utilized by the cyber actors.
1021114.aspx
4g.exe
akisapi.php
ASPACK
Atkill.txt
Bitvise
c99shell.php
Cafae
Cain and Abel
CCProxy
CCproxy.zip
cmd.aspx
Cprivesc
debug.aspx
DefaultWS.asmx
Dirbuster
FileZilla
Find_tokens.exe
Find_tokens.txt
Gsecdump
Havij
hscan.zip
hscan1.2
img.asp
img.aspx
In2.txt
isapi.aspx
J.exe
Jasus.exe size: 118,272 MD5: 53841511791E4CAC6F0768A9EB5DEF8A Type: ARP POISON TOOL
Jasus.pdb
Kappfree
kappfree.dll
Kelloworld
kelloworld.dll
Klock
klock.dll
Lc.exe
lc15.exe
Libeay32.doc
Libeay32.txt
Loader.exe
LoggerModule.e
mim2.2.exe
Mimikatz
mimikatz.exe
mimikatz.swf
Mx.exe
NBrute Force
NC.exe
ncat.exe
Ncrack
Nc-themida.exe
Netcat
Netscp.exe
netscp_total.exe
Netview
Nmap
NTFS
OS_Detector.exe
ospcsvc.exe
osppsvc.exe
OSQL
ossisvc.exe
ossysvc.exe
Plink
plink.exe
priorities_readfile.aspx
Privesc.exe size: 51,200 MD5: DABF638EB53070CDC7B10BFA5E4E8142
ProcDump
proxy.php
PsExec
PsExec.exe
PsKill
PsList
Putty Link
putty.exe
pw.exe
PwDump
PwDump7.exe
PwDump7_p.exe
rdcmd.aspx
RunAs.exe
Samdump
sekurlsa.dll
Sl.exe
snmpwalk.exe
SQL Manager
STR.EXE
Themida
u.exe
U.exe size: 60,928 MD5: DDA3E5629A0E8FB63A3E19027AE45458
upload.aspx
Wcet
winBypass.php
WinDump
WinDump.exe
winpcap-nmap-4.12.exe
winusr.dll
wminotify.dll
wndTest.exe
wt.exe
xcmd-aspack.exe
xCmdSvc.exe
Xcmdt.exe
xcmd-themida.exe
xp_cmdshell
ZXPortMap.exe

IP Addresses: The following IP addresses have been observed to be utilized by the cyber actors.

Identify creation of users and databases named “haha”.
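
One way to act on the recommendation above, as an added example that is not part of the FBI alert: a log scan that flags statements creating a database, SQL login or Windows account named "haha". The log line layout, rule names and function name are assumptions, and the sample lines are constructed.

```python
import re

INDICATOR = "haha"  # name given in the alert
# Optional quoting/bracketing, then the object or account name.
NAME = r"""[\[\]"'`]*(?P<name>[\w$-]+)"""

# Assumed statement shapes; adapt them to your own SQL audit and
# process-creation logs.
RULES = [
    ("sql-create",
     re.compile(r"\bCREATE\s+(?:DATABASE|LOGIN|USER)\s+" + NAME, re.I)),
    ("sp_addlogin",
     re.compile(r"\bsp_add(?:login|user)\s+(?:@\w+\s*=\s*)?(?:N(?='))?" + NAME, re.I)),
    ("net-user-add",
     re.compile(r"\bnet1?\s+user\s+" + NAME + r"\s.*?/add\b", re.I)),
]


def find_indicator_creation(lines, indicator=INDICATOR):
    """Return (line_number, rule) for each line that creates `indicator`."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for rule, pattern in RULES:
            # Exact, case-insensitive name match, so "hahaha_reports" is not
            # a hit; finditer covers several statements on one line.
            if any(m.group("name").lower() == indicator
                   for m in pattern.finditer(line)):
                hits.append((number, rule))
                break
    return hits


# Constructed sample log lines (not taken from the alert).
SAMPLE_LOG = [
    "2014-11-02 03:14:07 spid55 CREATE DATABASE [haha]",
    "2014-11-02 03:14:09 spid55 CREATE LOGIN haha WITH PASSWORD = '<redacted>'",
    "2014-11-02 03:15:40 spid55 EXEC sp_addlogin 'HaHa', '<redacted>'",
    "2014-11-02 03:16:02 cmd.exe /c net user haha <redacted> /add",
    "2014-11-02 09:00:00 spid61 CREATE DATABASE hahaha_reports",
    "2014-11-02 09:05:00 spid61 SELECT 'haha' AS joke",
    "2014-11-02 09:06:00 cmd.exe /c net user haha",
]

if __name__ == "__main__":
    for number, rule in find_indicator_creation(SAMPLE_LOG):
        print(f"line {number}: {rule}: {SAMPLE_LOG[number - 1]}")
```

The last three sample lines are deliberate non-matches: a longer name, a string literal, and an account query without `/add`.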


SECRET – U.S. Military PSYOP Leaflets from Iraq and Afghanistan


The following are psychological operations (PSYOP) leaflets dropped over Afghanistan and Iraq during Operation Enduring Freedom and Operation Iraqi Freedom.  The leaflets are taken from a booklet released commercially by Giovanni Carmine and Christoph Büchel in 2006.  The leaflets are written in Arabic, Dari and Pashto.  Accurate translations are welcome.

Video – The Inevitable Global Spread of Islam: How long before Sharia Law reaches our shores?


A sobering analysis and news reports documenting the inevitable spread of Islam across Europe and the United States. Hear the Muslim bitter and vengeful perspective of Western society and imperialism, and the inevitable desire for Sharia Law in Europe.

The Secret List of Off-Shore-Companies, Persons and Addresses, Part 73, Iran

Officers & Master Clients (5)
Ebrahim Kahrobai
HOSSEIN MOVAHEDI ZADEH
Houshang PISHVA AZAD
Mehdi Dadpey Reza
Yaseen Gokal

Listed Addresses (5)
55 Mirzaye Shirazi P.O. Box 15955/443 Tehran – Iran
No 36 Main Street, Ekbatan, Tehran Iran
No. 128 Molasadra Street, Tehran, Iran
No. 142, Merdamad Blvard, Tehran, Iran P.O. Box 16315-571
No. 5 Omar Khayam Street Tehran IRAN

Iran News – Guy code-named “8” is arrested by counterintelligence department of MOIS

Referring to : http://cryptome.org/2013/12/ir-spy-uk-ca.htm

The news just surfaced but it’s not new. The guy code-named “8” is arrested by counterintelligence department of MOIS and charged with 3 claim counts.

A. Espionage and cooperation with Foreign governments.

B. Running a private network of operatives worldwide involved in “information offers and auctions and sells” with various unaligned elements.

C. Unsanctioned business with Organized Crime Groups in various areas including Nuclear data.

His case has not reached to Judicial system so no name no nothing of the person is aired. I suspect that changes soon. My source tells me the 8 had close relationship with Palestinian Islamic Jihad’s office at Tehran, beyond his formal line of duty and done many operations in favor of the Palestinian group including the huge organized attacks to U.S banking and financial firms that causes serious damage while transferred funds belonging to Islamic Jihad during the chaos to protect their western-based ops against FBI’s initiative to combat and dismantle organized cyber crimes.

8 had been providing intelligence and operational support directly tied to two top leaders of Palestinian and Lebanese Resistant movements named “Ali Atwa” and “Ramadan Abdullah Mohammad Shalah.” Both are in the “FBI’s TOP WANTED LIST” according to FBI’s official website.

The initial deal between IR and U.S. that led to tackling 8’s operations quite clearly is not going to be a hit-and-run, considering powerful elements within IR regime provide support for various organizations for who knows what reasons. If 8 is civilian (MOIS) the case should go to the “revolutionary court” and if he is in armed forces (IRGC – Army – MoD – Police) , the case must be tried at the Military Judiciary Organization according to Iranian law, confirmed by a native lawyer formerly working in Iran from where she had to flee.

Anonymous — to readers, particularly journalists who follow Iranian affairs

Most of U.S sensitive websites are not accessible to Iranian from BOTH Sides!

Here are examples :

It’s an attempt to connect to FBI to put a tip or something:

$ curl -v fbi.gov
* About to connect() to fbi.gov port 80 (#0)
* Trying 72.21.81.85…
* connected
* Connected to fbi.gov (72.21.81.85) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: ***
> Host: fbi.gov
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Cache-Control: max-age=28800
< Content-Type: text/html
< Date: Tue, 24 Dec 2013 01:07:50 GMT
< Expires: Tue, 24 Dec 2013 09:07:50 GMT
< Server: ECAcc (jfk/25B5)
< Content-Length: 345
<

403 – Forbidden

403 – Forbidden

* Connection #0 to host fbi.gov left intact

* Closing connection #0

And here is an attempt to connect to CIA’s website:

$ curl -v cia.gov
* About to connect() to cia.gov port 80 (#0)
* Trying 198.81.129.107…
* connected
* Connected to cia.gov (198.81.129.107) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: ***
> Host: cia.gov
> Accept: */*
>
< HTTP/1.1 403 Forbidden
GET / HTTP/1.1
> User-Agent:***
> Host: whitehouse.gov
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Connection:close
<

Many of the same websites belonging to IR are also forbidden to visit from U.S IP. It’s ironic when the leaders of the countries trying to negotiate huge deals or shitting on them to change the history, they generally do not recognize the right of the other side to visit websites and read casual data, mostly bullshit for average netizens.

TOP-SECRET – Unveiled – Iran’s New Sea-based Missiles

92/02/22 – 10:31
Number: 13920216000464
General Farahi announced in an interview with Fars
IRGC vessels to be equipped with cruise missiles with a range of more than 300 kilometers

The head of the Aerospace Organization of the Ministry of Defense and Armed Forces Logistics announced plans to deliver advanced cruise missiles with a range of more than 300 kilometers to the IRGC Navy.

Fars News Agency: IRGC vessels to be equipped with cruise missiles with a range of more than 300 kilometers

General Seyyed Mehdi Farahi, head of the Aerospace Organization of the Ministry of Defense and Armed Forces Logistics, speaking to the defense correspondent of Fars News Agency and referring to the ministry's equipping of the armed forces with various types of military weapons, including missiles and rockets, said: The tactics and manner of using this equipment and these weapons are the responsibility of the commanders of the armed forces.

He continued: Numerous products, including 300-kilometer missiles, are at the disposal of the IRGC Navy.

Farahi stressed: Soon, other new products of the cruise type, with various ranges and extraordinarily advanced capabilities, will be placed at the disposal of the IRGC Navy.

The head of the Aerospace Organization of the Ministry of Defense and Armed Forces Logistics stated: The accuracy and range of the new missiles have increased compared with the 300-kilometer missiles that are currently at the disposal of the IRGC Navy.

Farahi also stressed: This missile can increase our defensive capability in naval battles.

According to Fars, coast-to-sea and surface-to-surface cruise missiles, with their own particular capabilities, can change their tactics in confronting various threats, and this change of tactics is also in the hands of the force commander.

Cruise missiles, which can also be fired from vessels, can also be fired from vessels with speeds above 30 knots (about 60 kilometers); earlier examples in this field include the Zafar, Nasr, Noor, Qader and Ghadir cruise missiles.

End of message/

 

 

Iran’s New Sea-based Missiles

 


A sends:

Source : http://www.farsnews.com/newstext.php?nn=13920216000464

Today 5-12-2013, General Farahi, the chief of the Iranian Ministry of Defense’s Aerospace Organization, has announced a new series of fast-acting sea-based rockets and missiles have been produced and turned over to IRGC’s Navy force. This force is responsible for “the security” of the Persian Gulf and the infamous Hormoz Strait.

According to publications by FarsNews, a semi-state-run media, IRGC’s Navy has been operating a series of fast-acting rockets and missiles fit to be fired from small-scale fast boats named “Zafar”, “Nasr”, “Nour”, “Ghader” and “Ghadir”, but the newly produced “Cruise Type” missile which is unnamed in the report, has a firing speed of 300 Km/h and can be fired from a moving boat at a speed of 30 knots.
