February 13, 2018 Iran’s Maher Computer Emergency Response Team Coordination Center has published an extensive report on the February 10 cyber attacks on a number of Iranian online news sites including Qanoon, Arman and Setareh Sobh.
Maher, which is closely linked to the Information Technology Organization of Iran (ITO), has said that the U.S. and the UK have been behind the recent cyber attacks. It has warned that more than 30 Iranian online news sites are susceptible to cyber attacks.
“Our technical team has determined that a single source used Windows Operating System, Internet Information Service (IIS) and an open-source server-side web application framework (ASP.NET) to launch these coordinated cyber attacks,” Maher reported. The report added: “We have identified five Internet Protocol (IP) addresses in the U.S. and the UK as the sources of these attacks.”
The report added: “Between February 8 and 10, the culprit identified certain vulnerabilities in the computer network connections and polluted the entire internet with Packet Injection. They intended to disrupt and intercept communication between various parties.” It concluded: “Almost all of the news sites that were hacked had vulnerabilities in their hosting platforms and weak passwords.”