Profiling FBI's Most Wanted Iran-based Cybercriminals - Mohammad Sagegh Ahmadzadegan - An OSINT Analysis

In this post I've decided to expose and offer personally identifiable information on Iran's based cybercriminal known as Mohammad Sagegh Ahmadzadegan for the purpose of assisting U.S Law Enforcement on its way to track down and prosecute the cybercriminals behind these campaigns.

Sample personally identifiable information on Mohammad Sagegh Ahmadzadegan includes:

Name: Mohammad Sagegh Ahmadzadegan

Handle: Nitrojen26

Email: nitr0jen26@asia[.]com; Nitrojen26@yahoo[.]com; me@sadahm[.]net

Web Site: hxxp://sadahm[.]com

Social Media Accounts: https://twitter[.]com/nitrojen26

Sample personally identifiable photos of Mohammad Sagegh Ahmadzadegan include:

Stay tuned!

Continue reading →

Profiling a Currently Active Personal Email Address Portfolio of Members of Iran's Ashiyane Digital Security Team - An OSINT Analysis

Dear blog readers,

I've decided to share with everyone a currently active personal email portfolio belonging to members of Iran's  Ashiyane Digital Security Team with the idea to assist everyone in their cyber attack or cyber threat actor attribution campaigns.

Sample currently active personal emails known to belong to members of Iran's Ashiyane Digital Security Team:

m0stagim@gmail[.]com

mtn97[.]hacker@yahoo[.]com

si13nt_si13nt@yahoo[.]com

midia595@yahoo[.]com

Dead[.]Zone@att[.]net

n0_sec@yahoo[.]it

MagicC0d3r@gmail[.]com

Faghat_be_khatere_to6000@yahoo[.]com

raminshahkar73@yahoo[.]com

nitr0jen26@asia[.]com

Lord[.]private@ymail[.]com

mehdy007@hotmail[.]fr

plus[.]ashiyane@gmail[.]com

pashe_kosh9@yahoo[.]com

omid[.]ghaffarinia@gmail[.]com

Pashekosh8@gmail[.]com

pashe_kosh8@yahoo[.]com

Sun[.]Army@Asia[.]com

sajjad13and11@yahoo[.]com

sajjad13and11@yahoo[.]com

Faridmahdavi90@yahoo[.]com

omid[.]ghaffarinia@alum[.]sharif[.]edu

Nitrojen26@Yahoo[.]Com

h-skeepy@att[.]net

datacoders25@gmail[.]com

ica_r00t@yahoo[.]com

nic[.]ir@live[.]com

arta_ir313@yahoo[.]com

h[.]sk33py@y7mail[.]com

Mazhar_FashisT@yahoo[.]com

Mazhar[.]Fashist@gmail[.]com

support@multivpn[.]info

l_l_darkl0rd_l_l@yahoo[.]com

Xhacker42@yahoo[.]com

datacoders25@gmail[.]com

Mr[.]Skitt3r@att[.]net

xpr_program@yahoo[.]com

Skitt3r@yahoo[.]com

4rM4n@att[.]net

V30sharp@yahoo[.]com

hellboy[.]blackhat@yahoo[.]com

hosseinxpr@gmail[.]com

Fire[.]Mafia@yahoo[.]com

mr[.]xp[.]20@gmail[.]com

l2odon@yahoo[.]com

eparsdata@gmail[.]com

parshost1@gmail[.]com

mr[.]xp[.]20@gmail[.]com

w0rm[.]c0d3r[.]blackhat@gmail[.]com

l3lackhat@yahoo[.]Com

l3lackhat[.]ir@gmail[.]com

ZER0CoOL_H@yahoo[.]com

n3td3vil[.]nopotm@gmail[.]com

0xsecure[.]network@gmail[.]com

ashkan_wanted@yahoo[.]com

kinglet@hackermail[.]com

cyb3rg0df4th3r@yahoo[.]com

smart[.]noise@yahoo[.]com

D3lt4_l0rd@yahOO[.]com

bl4ck_l0rd@yahoo[.]com

Delta[.]Secure@Gmail[.]Com

ashiyane[.]center@gmail[.]com

L0rd@dr[.]com

Cru3l[.]b0y@gmail[.]com

ashiyane[.]center@gmail[.]com

iranweb@socal[.]rr[.]com

behrooz_ice@yahoo[.]com

Delta[.]Secure@gmail[.]Com

nima[.]salehi@yahoo[.]com

behrooz_ice@yahoo[.]com

behrooz[.]kamalian@yahoo[.]com

behrooz[.]kamalian@gmail[.]com

unique2world@gmail[.]com

hossein19123@yahoo[.]com

pr0grammer[.]ashiyane@gmail[.]com

Milad_a[.]kh22@yahoo[.]com

ashiyane_org@yahoo[.]com

Sha2ow@hackermail[.]com

Prince[.]H4ck@gmail[.]com

goldhat@hackermail[.]com

mr_det3ct0r@yahoo[.]com

keyoube@yahoo[.]com

bbc@irsecteam[.]org

v[.]elmi67@yahoo[.]com

skychat_vhd@yahoo[.]com

mr[.]shahram@irsecteam[.]org

alimp5@sepnata-team[.]org

ali0511@irsecteam[.]org

turkish_boy73@yahoo[.]com

dangel2[.]team@gmail[.]com

xehsan902@gmail[.]com

saeidperak@yahoo[.]com

silentxhacker@yahoo[.]com

v[.]elmi67@yahoo[.]com

babolhost@gmail[.]com

Stay tuned!

Continue reading →

Exposing FBI's Most Wanted Iran's Mabna Hackers - An OSINT Analysis

Dear blog readers,

In this post I've decided to share actionable intelligence on the online infrastructure of FBI's Most Wanted Iran's Mabna Hackers for the purpose of assisting everyone in their cyber attack and cyber threat actor attribution campaigns.

mlibo[.]ml

blibo[.]ga

azll[.]cf

azlll[.]cf

lzll[.]cf

jlll[.]cf

elll[.]cf

lllib[.]cf

tsll[.]cf

ulll[.]tk

tlll[.]cf

libt[.]ga

libk[.]ga

libf[.]ga

libe[.]ga

liba[.]gq

libver[.]ml

ntll[.]tk

ills[.]cf

vtll[.]cf

clll[.]tk

stll[.]tk

llii[.]xyz

lill[.]pro

eduv[.]icu

univ[.]red

unir[.]cf

unir[.]gq

unisv[.]xyz

unir[.]ml

unin[.]icu

unie[.]ml

unip[.]gq

unie[.]ga

unip[.]cf

nimc[.]ga

nimc[.]ml

savantaz[.]cf

unie[.]gq

unip[.]ga

unip[.]ml

unir[.]ga

untc[.]me

jhbn[.]me

unts[.]me

uncr[.]me

lib-service[.]com

unvc[.]me

untf[.]me

nimc[.]cf

anvc[.]me

ebookfafa[.]com

nicn[.]gq

untc[.]ir

librarylog[.]in

llli[.]nl

lllf[.]nl

libg[.]tk

ttil[.]nl

llil[.]nl

lliv[.]nl

llit[.]site

flil[.]cf

e-library[.]me

cill[.]ml

fill[.]cf

libm[.]ga

eill[.]cf

llib[.]cf

eill[.]ga

nuec[.]cf

illl[.]cf

cnen[.]cf

aill[.]nl

eill[.]nl

mlib[.]cf

ulll[.]cf

nlll[.]cf

clll[.]nl

llii[.]cf

etll[.]cf

1edu[.]in

aill[.]cf

atna[.]cf

atti[.]cf

aztt[.]tk

cave[.]gq

ccli[.]cf

cnma[.]cf

cntt[.]cf

crll[.]tk

csll[.]cf

ctll[.]tk

cvnc[.]ga

cvve[.]cf

czll[.]tk

cztt[.]tk

euca[.]cf

euce[.]in

ezll[.]tk

ezplog[.]in

ezproxy[.]tk

eztt[.]tk

flll[.]cf

iell[.]tk

iull[.]tk

izll[.]tk

lett[.]cf

lib1[.]bid

lib1[.]pw

libb[.]ga

libe[.]ml

libg[.]cf

libg[.]ga

libg[.]gq

libloan[.]xyz

libnicinfo[.]xyz

libraryme[.]ir

libt[.]ml

libu[.]gq

lill[.]gq

llbt[.]tk

llib[.]ga

llic[.]cf

llic[.]tk

llil[.]cf

llit[.]cf

lliv[.]tk

llse[.]cf

ncll[.]tk

ncnc[.]cf

nctt[.]tk

necr[.]ga

nika[.]ga

nsae[.]ml

nuec[.]ml

rill[.]cf

rnva[.]cf

rtll[.]tk

sctt[.]cf

shibboleth[.]link

sitl[.]tk

slli[.]cf

till[.]cf

titt[.]cf

uill[.]cf

uitt[.]tk

ulibe[.]ml

ulibr[.]ga

umlib[.]ml

umll[.]tk

uni-lb[.]com

unll[.]tk

utll[.]tk

vsre[.]cf

web2lib[.]info

xill[.]tk

zedviros[.]ir

zill[.]cf

Sample URL structure for the rogue and fraudulent online phishing infrastructure for the campaign:

ezvpn[.]mskcc[.]saea[.]ga

library[.]asu[.]saea[.]ga

library[.]lehigh[.]saea[.]ga

moodle[.]ucl[.]ac[.]saea[.]ga

saea[.]ga

unex[.]learn[.]saea[.]ga

unomaha[.]on[.]saea[.]ga

www[.]uvic[.]saea[.]ga

catalog[.]lib[.]usm[.]edu[.]seae[.]tk

elearning[.]uky[.]edu[.]seae[.]tk

www[.]aladin[.]wrlc[.]org[.]seae[.]tk

alexandria[.]rice[.]ulibr[.]ga

cmich[.]ulibr[.]ga

columbia[.]ulibr[.]ga

edu[.]edu[.]libt[.]cf

ezproxy-authcate[.]lib[.]monash[.]ulibr[.]ga

login[.]revproxy[.]brown[.]edu[.]edu[.]libt[.]cf

ezproxy-authcate[.]monash[.]lib[.]ulibr[.]ga

ezproxy-f[.]deakin[.]au[.]ulibr[.]ga

lib[.]dundee[.]ac[.]uk[.]ulibr[.]ga

cas[.]usherbrooke[.]ca[.]cavc[.]tk

catalog[.]lib[.]ksu[.]edu[.]cavc[.]tk

isa[.]epfl[.]ch[.]cavc[.]tk

login[.]vcu[.]edu[.]cavc[.]tk

www[.]med[.]unc[.]edu[.]cavc[.]tk

cas[.]iu[.]edu[.]cavc[.]tk

ltuvpn[.]latrobe[.]edu[.]au[.]reactivation[.]in

passport[.]pitt[.]edu[.]reactivation[.]in

edu[.]login[.]revproxy[.]brown[.]edu[.]libt[.]cf

shibboleth[.]nyu[.]edu[.]reactivation[.]in

login[.]revproxy[.]brown[.]edu[.]login[.]revproxy[.]brown[.]edu[.]libt[.]cf

weblogin[.]pennkey[.]upenn[.]edu[.]reactivation[.]in

webmail[.]reactivation[.]in

www[.]ezlibproxy1[.]ntu[.]edu[.]sg[.]reactivation[.]in

www[.]ezpa[.]library[.]ualberta[.]ca[.]reactivation[.]in

www[.]lib[.]just[.]edu[.]jo[.]reactivation[.]in

www[.]passport[.]pitt[.]edu[.]reactivation[.]in

http://shib[.]ncsu[.]ulibr[.]cf/idp/profile/SAML2/POST/SSO

www[.]shibboleth[.]nyu[.]edu[.]reactivation[.]in

www[.]weblogin[.]pennkey[.]upenn[.]edu[.]reactivation[.]in

ezlibproxy1[.]ntu[.]edu[.]sg[.]reactivation[.]in

login[.]revproxy[.]brown[.]edu[.]libt[.]cf

weblogin[.]umich[.]edu[.]lib2[.]ml

catalog[.]sju[.]edu[.]mncr[.]tk

ezpa[.]library[.]ualberta[.]ca[.]reactivation[.]in

lib[.]just[.]edu[.]jo[.]reactivation[.]in

login[.]ezproxy[.]lib[.]purdue[.]edu[.]reactivation[.]in

login[.]libproxy[.]temple[.]shibboleth2[.]uchicago[.]ulibr[.]cf

shib[.]ncsu[.]shibboleth2[.]uchicago[.]ulibr[.]cf

shibboleth2[.]uchicago[.]shibboleth2[.]uchicago[.]ulibr[.]cf

singlesignon[.]gwu[.]shibboleth2[.]uchicago[.]ulibr[.]cf

webauth[.]ox[.]ac[.]uk[.]shibboleth2[.]uchicago[.]ulibr[.]cf

edu[.]libt[.]cf

login[.]libproxy[.]temple[.]ulibr[.]cf

shib[.]ncsu[.]ulibr[.]cf

singlesignon[.]gwu[.]ulibr[.]cf

webauth[.]ox[.]ac[.]uk[.]ulibr[.]cf

library[.]cornell[.]ulibr[.]ga

login[.]ezproxy[.]gsu[.]ulibr[.]ga

shibboleth2[.]uchicago[.]ulibr[.]cf

login[.]library[.]nyu[.]ulibr[.]ga

mail[.]ulibr[.]ga

webcat[.]lib[.]unc[.]ulibr[.]ga

www[.]ulibr[.]ga

www[.]alexandria[.]rice[.]ulibr[.]ga

www[.]cmich[.]ulibr[.]ga

www[.]columbia[.]ulibr[.]ga

www[.]ezproxy-authcate[.]lib[.]monash[.]ulibr[.]ga

www[.]ezproxy-authcate[.]monash[.]lib[.]ulibr[.]ga

www[.]ezproxy-f[.]deakin[.]au[.]ulibr[.]ga

www[.]lib[.]dundee[.]ac[.]uk[.]ulibr[.]ga

www[.]library[.]cornell[.]ulibr[.]ga

www[.]login[.]ezproxy[.]gsu[.]ulibr[.]ga

www[.]login[.]library[.]nyu[.]ulibr[.]ga

auth[.]berkeley[.]edu[.]libna[.]ml

sso[.]lib[.]uts[.]edu[.]au[.]libna[.]ml

bb[.]uvm[.]edu[.]cvre[.]tk

cline[.]lib[.]nau[.]edu[.]cvre[.]tk

illiad[.]lib[.]binghamton[.]edu[.]cvre[.]tk

libcat[.]smu[.]edu[.]cvre[.]tk

login[.]brandeis[.]edu[.]cvre[.]tk

msim[.]cvre[.]tk

libcat[.]library[.]qut[.]nsae[.]ml

www[.]webcat[.]lib[.]unc[.]ulibr[.]ga

Stay tuned!

Continue reading →

Exposing Behrooz Kamalian's Ashiyane ICT Company - An OSINT Analysis

Dear blog readers,

I've decided to share with everyone some practical and actionable threat intelligence information regarding members of the Ashiyane Digital Security Team also known as Behrooz Kamalian's Ashiyane ICT Company for the purpose of assisting everyone in their cyber attack and cyber attack attribution campaigns.

Name: Behrooz Kamalian

Postal address:

Tajrish Sq, Fana Khosro St,Amir Salam Alley,No 22, Ashiyane ICT Company

Phone number: 22727284-5

Fax number: 22727283

email: nima.salehi@yahoo.com

Technical Handle: nic36928h37

Name: Behrooz Kamalian

email: nima.salehi@yahoo.com

Domain Name: ashiyane.ir

Legal Holder: Behrooz Kamalian

Postal address:

Unit 28, Floor Seven, 36 Building , Daneshvar alley, Jamalzadeh St. , Enghelab Sq.

Tehran, IR

1336925748

Phone number: +98.2166935551

Fax number: +98.2166930577

Admin Contact: nic36928h37

Technical Contact: nic36928h37

Domain Name Server1: ns1.ashiyane.org

Domain Name Server2: ns2.ashiyane.org

Request Date: 29 December 2005

Last Verification: 21 September 2006

Reseller: Govah Tadbir Rayaneh

Postal address:

Unir 1 , 1th Floor , No.376 , North Bahar St .

Phone number: +98 21 88849956-7

Fax number: +98 21 88307682

email: info@tadbir.ir

Continue reading →

Exposing a Currently Active Domain Portfolio Managed and Operated by Members of the Ashiyane Digital Security Team - An OSINT Analysis

Note: This OSINT analysis has been originally published at my current employer's Web site - https://whoisxmlapi.com where I'm currently acting as a DNS Threat Researcher since January, 2021.

We’ve decided to take a closer look at the current and historical domain portfolio managed and operated by members of Iran’s Ashiyane Digital Security Team using Maltego in combination with WhoisXML API’s integration for the purpose of providing actionable threat intelligence including to assist fellow researchers vendors and organization on their way to track down and monitor the Internet connected infrastructure of key members of Iran’s Ashiyane Digital Security Team for the purpose of monitoring it and attempting to take it offline.

In this article we’ll provide actionable intelligence on some of the currently active domains managed run and operated by Iran’s Ashiyane Digital Security Team with the idea to assist fellow researchers vendors and organizations on their way to track down and monitor the infrastructure managed run and operated by Iran’s Ashiyane Digital Security Team.

A list of currently active domain portfolio known to be managed and operated by members of Iran’s Ashiyane Digital Security Team:

life-guard[.]ir

sepahan-trans[.]ir

kashanit[.]ir

websazangroup[.]ir

namvarnameybastan[.]ir

ashiyane-ads[.]com

tamamkar-chalous[.]ir

padidehafagh[.]com

padideafagh[.]com

bahmanshahreza[.]com

vatanpaydar[.]com

pkpersian[.]net

xn--wgba3di6y7p[.]com

jonoobhost[.]net

mahmoudbahmani[.]ir

piremehr[.]ir

shahrepars[.]ir

3diamond[.]ir

mhdcard[.]com

ashiyanecrm[.]com

tabta2[.]com

ashiyane-bot[.]ir

projejob[.]ir

rizone[.]ir

iedb[.]ir

unmobile[.]ir

razmaraa[.]ir

tabrizigold[.]ir

galleryfirozeh[.]ir

foroozanborj[.]ir

unicornart[.]ir

rahnamayeiran[.]ir

iranhack[.]ir

shomalbeauty[.]ir

andishehig[.]ir

meelk[.]ir

tamamkar-sari[.]ir

namehybastan[.]ir

chemiiran[.]ir

A list of currently active domain portfolio known to have been registered managed and operated by members of Iran’s Ashiyane Digital Security Team:

websazanco[.]ir

rahnamayeiran[.]ir

maz-laa[.]ir

esnikan[.]ir

foroozanborj[.]ir

royall-shop[.]ir

ashiyane[.]ir

chemiiran[.]ir

account-yahoo[.]com

arshiasanat-babol[.]ir

ashiyane-ads[.]com

jahandarco[.]ir

momtazbarbari[.]ir

pouyaandishan-mazand[.]ir

shomalbeauty[.]ir

tractorsazi[.]com

aleyaasin[.]com

farsmarket[.]com

englishdl[.]com

zproje[.]ir

projejob[.]ir

songdownload[.]ir

ashiyanesms[.]com

ihybrid[.]us

drsjalili[.]com

ashiyane[.]org

ashiyanecrm[.]com

ashiyanehost[.]com

ashiyanex[.]com

rasht-samacollege[.]ir

instapacks[.]ir

bahmanshahreza[.]com

shaahreza[.]com

shahrezanews[.]com

taktaweb[.]net

javannovin[.]com

padidehafagh[.]com

padideafagh[.]com

sahebnews[.]com

nasiri[.]info

taktaweb[.]org

bamemar[.]com

talakesht[.]com

sepahan-trans[.]ir

opencart5[.]ir

rasulsh[.]ir

kashanit[.]ir

facebooktu[.]com

life-guard[.]ir

pr0grammers[.]ir

lammer[.]ir

sepahantrans[.]ir

facecode[.]ir

iranhack[.]org

aryanenergy[.]org

khsmt-sabzevar[.]com

orveh[.]com

tipec[.]org

iranhack[.]ir

shantya3d[.]ir

razmaraa[.]ir

soroshland[.]ir

galleryfirozeh[.]ir

unicornart[.]ir

shahrepars[.]ir

3diamond[.]ir

ashiyane-bot[.]ir

mahmoudbahmani[.]ir

piremehr[.]ir

dcligner[.]com

tabta2[.]com

chipiran[.]org

ashiyanebot[.]ir

bnls[.]ir

lamroid[.]com

persiandutyfree[.]com

iran3erver[.]com

hivacom[.]com

irantwitter[.]com

persian-pasargad[.]com

chatafg[.]com

kasraprofile[.]com

gharnict[.]com

minachoob[.]com

gigmeg[.]com

shoka-chat[.]com

serajmehr[.]com

asrarweb[.]com

niazezamuneh[.]com

sana-mobile[.]com

rizone[.]ir

iedb[.]ir

unmobile[.]ir

progmans[.]com

design84u[.]com

istgah-salavati[.]com

iranhack[.]net

shantya3d[.]com

kamelannews[.]com

rangeshab[.]com

dihim[.]com

hdphysics[.]com

cgsolar[.]net

vahidelmi[.]ir

maincoretechnology[.]com

bastanteam[.]com

vvfa[.]com

Irsecteam[.]org

We’ll continue to monitor for new domain registrations courtesy of Iran’s Ashiyane Digital Security Team and we’ll post updates as soon as new developments take place.

Stay tuned!

Continue reading →

Exposing a Currently Active List of Iran-Based Hacker and Hacker Team's Handles - An OSINT Analysis

Dear blog readers,

I've decided to share with everyone a currently active list of Iran-based hacker and hacker team's handles which could greatly assist in possible cyber attack attribution campaigns including cyber threat actor attribution campaigns.

Sample currently active Iran-based hacker and hacker team's handles currently used in massive or targeted Web site defacement campaigns:

[7] || Hacked By Reza_Blz |||| Hacked By Reza_Blz||

[8] .:: Hacked By M4st3r_4w4r3 ::.

[9] ...:: Hacked By Wonted ::....

[10] Hacked By Cair3x

[11] =====Hacked By Aref ====

[12] Hacked By alipc1

[13] Hacked By BrainBoy

[14] Hacked By Mr.Bami

[15] Hacked !? /Cyber Terrorist

[16] Hacked By SaMiR

[17] Hacked By Remove !

[18] HaCkEd By ArMaN InvIsIbLe

[19] Hacked by Original-Hackers

[20] Hacked By : MSN-HACKER

[21] [Hacked..By..Number14]

[22] Hacked By: D4rk_Kn1ght U

[23] [ Hacked By Sootak ]

[24] Hacked By Dr.Root

[25] Hacked By Cocain TeaM

[26] Hacked By Tir3x

[27] ..::HACKED BY MsU360::..

[28] >> HaCKed By MoHSenSUnBOY

[29] Hacked By GHOST

[30] Hacked By Dedmaster

[31] Hacked By amob07

[32] *** HACKED BY PUNISHER ***

[33] Hacked by Hellboy Group

[34] Hacked By infohooman

[35] HacKeD By Cair3x

[36] Hacked By H3LL BOY$

[37] HACKED BY PERSIAN DALTONS

[38] Hacked By MuteMove... !!!

[39] HAcKed By Karaji_kt21

[40] HaCKeD By rootqurd

[41] HaCkEd By ArMaN InvIsIbLe

[42] Hacked By Delta

[43] HACKED BY H3X73L

[44] [ Hacked By SHIA ]

[45] Hacked By SaeedSaaDi

[46] Hacked By #RooTer ;)

[47] [ Hacked By OptiShock ]

[48] Hacked By DevilZ TM

[49] Hacked By Busy Hacker

[50] Hacked By T3rr0r

[51] Hacked By nitROJen

[52] .:: HACKED BY ESSAJI ::.

[53] Hacked By : DangerMan

[54] Hacked By Security Team

[55] Hacked By Solt6n

[56] Hacked by R3d ErRor

[57] HacKeD By Cca

[58] Hacked by Arash Cyber

[59] Hacked By Never More !

[60] ||| Hacked by Afghan Hacker |||

[61] Hacked By Sianor

[62] ---==[ Hacked By MoHaMaD VakeR ]==---

[63] Hacked by Msu360

[64] HACKED BY Anti Shakh !

[65] -=: Hacked By kazi_root :=-

[66] Hacked By DevilZ TM

[67] Hacked By SaMiR

[68] Hacked By Dr.Pantagon

[69] hacked by inJenious

[70] Hacked by D3stroyer

[71] ::: Hacked By ArvinHacker :::

[72] Hacked By ShakafTeam

[73] HACKED BY B!0S

[74] Hacked By Tink3r

[75] Hacked By DevilZ TM

[76] HacKeD By Cair3x

[77] Hacked By Cyber Saboteur

[78] HACKED By Shadow.hacker

[79] -=[ HaCked By TBH ]=-

[80] -=: Hacked By two wolfs :=-

[81] << HACKED by Ali.ERROOR >>

[82] XPERSIA(HACKED BY HACKER)

[83] ????? Hacked By AR3S ?????|| HackeD By AR3S ||HACKED BY AR3S

[84] Hacked By ParsiHacker Security Team

[85] ::... This Site Hacked By TerminatoR

[86] [Hacked by Black hat group ]

[87] HaCked By Shishe security team=====

[88] THIS SITE HACKED BY dani.love666

[89] ::. HACKED BY TODAY PROGRAM GROUP .::

[90] .:hack_really:. hacked by firehackers hack_really

[91] -= Hacked By IrIsT Security Team =-

[92] Hacked By Loooooord Hacking Team

[93] HaCkEd By Anti Security Team

[94] .:::: Hacked By IRaNHaCK Security Team ::::.

[95] This Site Hacked by DiaGraM

[96] .:::: Hacked By IRaNHaCK Security Team ::::.

[97] ????? Hacked By kingback ?????

[98] o--[ Hacked By devilzc0der ]--o

[99] --= Hacked By Hijack Security Team =--

[0] || Hacked By Reza_Blz |||| Hacked By Reza_Blz||

[1] .:: Hacked By M4st3r_4w4r3 ::.

[2] ...:: Hacked By Wonted ::....

[3] Hacked By Cair3x

[4] =====Hacked By Aref ====

[5] Hacked By alipc1

[6] Hacked By BrainBoy

[7] Hacked By Mr.Bami

[8] Hacked By SaMiR

[9] Hacked By Remove !

[10] HaCkEd By ArMaN InvIsIbLe

[11] Hacked by Original-Hackers

[12] Hacked By : MSN-HACKER

[13] [Hacked..By..Number14]

[14] Hacked By: D4rk_Kn1ght U

[15] [ Hacked By Sootak ]

[16] Hacked By Dr.Root

[17] Hacked By Cocain TeaM

[18] Hacked By Tir3x

[19] ..::HACKED BY MsU360::..

[20] >> HaCKed By MoHSenSUnBOY

[21] Hacked By GHOST

[22] Hacked By Dedmaster

[23] Hacked By amob07

[24] *** HACKED BY PUNISHER ***

[25] Hacked by Hellboy Group

[26] Hacked By infohooman

[27] HacKeD By Cair3x

[28] Hacked By H3LL BOY$

[29] HACKED BY PERSIAN DALTONS

[30] Hacked By MuteMove... !!!

[31] HAcKed By Karaji_kt21

[32] HaCKeD By rootqurd

[33] HaCkEd By ArMaN InvIsIbLe

[34] Hacked By Delta

[35] HACKED BY H3X73L

[36] [ Hacked By SHIA ]

[37] Hacked By SaeedSaaDi

[38] Hacked By #RooTer ;)

[39] [ Hacked By OptiShock ]

[40] Hacked By DevilZ TM

[41] Hacked By Busy Hacker

[42] Hacked By T3rr0r

[43] Hacked By nitROJen

[44] .:: HACKED BY ESSAJI ::.

[45] Hacked By : DangerMan

[46] Hacked By Security Team

[47] Hacked By Solt6n

[48] Hacked by R3d ErRor

[49] HacKeD By Cca

[50] Hacked by Arash Cyber

[51] Hacked By Never More !

[52] ||| Hacked by Afghan Hacker |||

[53] Hacked By Sianor

[54] ---==[ Hacked By MoHaMaD VakeR ]==---

[55] Hacked by Msu360

[56] HACKED BY Anti Shakh !

[57] -=: Hacked By kazi_root :=-

[58] Hacked By DevilZ TM

[59] Hacked By SaMiR

[60] Hacked By Dr.Pantagon

[61] hacked by inJenious

[62] Hacked by D3stroyer

[63] ::: Hacked By ArvinHacker :::

[64] Hacked By ShakafTeam

[65] HACKED BY B!0S

[66] Hacked By Tink3r

[67] Hacked By DevilZ TM

[68] HacKeD By Cair3x

[69] Hacked By Cyber Saboteur

[70] HACKED By Shadow.hacker

[71] -=[ HaCked By TBH ]=-

[72] -=: Hacked By two wolfs :=-

[73] << HACKED by Ali.ERROOR >>

[74] XPERSIA(HACKED BY HACKER)

[75] [ Hacked ! ]

[76] Hacked

[77] ????? Hacked By AR3S ?????|| HackeD By AR3S ||HACKED BY AR3S

[78] Hacked

[79] Hacked By ParsiHacker Security Team

[80] ::... This Site Hacked By TerminatoR

[81] [Hacked by Black hat group ]

[82] HaCked By Shishe security team=====

[83] THIS SITE HACKED BY dani.love666

[84] ::. HACKED BY TODAY PROGRAM GROUP .::

[85] .:hack_really:. hacked by firehackers hack_really

[86] -= Hacked By IrIsT Security Team =-

[87] Hacked By Loooooord Hacking Team

[88] HaCkEd By Anti Security Team

[89] .:::: Hacked By IRaNHaCK Security Team ::::.

[90] This Site Hacked by DiaGraM

[91] .:::: Hacked By IRaNHaCK Security Team ::::.

[92] ????? Hacked By kingback ?????

[93] o--[ Hacked By devilzc0der ]--o

[94] --= Hacked By Hijack Security Team =--

[95] [ Hacked By Root Security Team ]

[96] Hacked By Iran Security Team

[97] .:::HACKED BY $py_F!$K3|2:::.

[98] HaCkEd By vahshatestan Security Team

[99] HACKED BY Mr,farshad,and.skote_vahshat

[0] Hacked!

[1] HACKED !

[2] Hacked!

[3] Hacked

[4] [ Hacked ! ]

[5] Hacked

[6] Hacked By Nob0dy

[7] || Hacked By Reza_Blz |||| Hacked By Reza_Blz||

[8] .:: Hacked By M4st3r_4w4r3 ::.

[9] ...:: Hacked By Wonted ::....

[10] Hacked By Cair3x

[11] =====Hacked By Aref ====

[12] Hacked By alipc1

[13] Hacked By BrainBoy

[14] Hacked By Mr.Bami

[15] Hacked !? /Cyber Terrorist

[16] Hacked By SaMiR

[17] Hacked By Remove !

[18] HaCkEd By ArMaN InvIsIbLe

[19] Hacked by Original-Hackers

[20] Hacked By : MSN-HACKER

[21] [Hacked..By..Number14]

[22] Hacked By: D4rk_Kn1ght U

[23] [ Hacked By Sootak ]

[24] Hacked By Dr.Root

[25] Hacked By Cocain TeaM

[26] Hacked By Tir3x

[27] ..::HACKED BY MsU360::..

[28] >> HaCKed By MoHSenSUnBOY

[29] Hacked By GHOST

[30] Hacked By Dedmaster

[31] Hacked By amob07

[32] *** HACKED BY PUNISHER ***

[33] Hacked by Hellboy Group

[34] Hacked By infohooman

[35] HacKeD By Cair3x

[36] Hacked By H3LL BOY$

[37] HACKED BY PERSIAN DALTONS

[38] Hacked By MuteMove... !!!

[39] HAcKed By Karaji_kt21

[40] HaCKeD By rootqurd

[41] HaCkEd By ArMaN InvIsIbLe

[42] Hacked By Delta

[43] HACKED BY H3X73L

[44] [ Hacked By SHIA ]

[45] Hacked By SaeedSaaDi

[46] Hacked By #RooTer ;)

[47] [ Hacked By OptiShock ]

[48] Hacked By DevilZ TM

[49] Hacked By Busy Hacker

[50] Hacked By T3rr0r

[51] Hacked By nitROJen

[52] .:: HACKED BY ESSAJI ::.

[53] Hacked By : DangerMan

[54] Hacked By Security Team

[55] Hacked By Solt6n

[56] Hacked by R3d ErRor

[57] HacKeD By Cca

[58] Hacked by Arash Cyber

[59] Hacked By Never More !

[60] ||| Hacked by Afghan Hacker |||

[61] Hacked By Sianor

[62] ---==[ Hacked By MoHaMaD VakeR ]==---

[63] Hacked by Msu360

[64] HACKED BY Anti Shakh !

[65] -=: Hacked By kazi_root :=-

[66] Hacked By DevilZ TM

[67] Hacked By SaMiR

[68] Hacked By Dr.Pantagon

[69] hacked by inJenious

[70] Hacked by D3stroyer

[71] ::: Hacked By ArvinHacker :::

[72] Hacked By ShakafTeam

[73] HACKED BY B!0S

[74] Hacked By Tink3r

[75] Hacked By DevilZ TM

[76] HacKeD By Cair3x

[77] Hacked By Cyber Saboteur

[78] HACKED By Shadow.hacker

[79] -=[ HaCked By TBH ]=-

[80] -=: Hacked By two wolfs :=-

[81] << HACKED by Ali.ERROOR >>

[82] XPERSIA(HACKED BY HACKER)

[83] ????? Hacked By AR3S ?????|| HackeD By AR3S ||HACKED BY AR3S

[84] Hacked By ParsiHacker Security Team

[85] ::... This Site Hacked By TerminatoR

[86] [Hacked by Black hat group ]

[87] HaCked By Shishe security team=====

[88] THIS SITE HACKED BY dani.love666

[89] ::. HACKED BY TODAY PROGRAM GROUP .::

[90] .:hack_really:. hacked by firehackers hack_really

[91] -= Hacked By IrIsT Security Team =-

[92] Hacked By Loooooord Hacking Team

[93] HaCkEd By Anti Security Team

[94] .:::: Hacked By IRaNHaCK Security Team ::::.

[95] This Site Hacked by DiaGraM

[96] .:::: Hacked By IRaNHaCK Security Team ::::.

[97] ????? Hacked By kingback ?????

[98] o--[ Hacked By devilzc0der ]--o

[99] --= Hacked By Hijack Security Team =--

[6] Hacked By Nob0dy

[7] || Hacked By Reza_Blz |||| Hacked By Reza_Blz||

[8] .:: Hacked By M4st3r_4w4r3 ::.

[9] ...:: Hacked By Wonted ::....

[10] Hacked By Cair3x

[11] =====Hacked By Aref ====

[12] Hacked By alipc1

[13] Hacked By BrainBoy

[14] Hacked By Mr.Bami

[15] Hacked !? /Cyber Terrorist

[16] Hacked By SaMiR

[17] Hacked By Remove !

[18] HaCkEd By ArMaN InvIsIbLe

[19] Hacked by Original-Hackers

[20] Hacked By : MSN-HACKER

[21] [Hacked..By..Number14]

[22] Hacked By: D4rk_Kn1ght U

[23] [ Hacked By Sootak ]

[24] Hacked By Dr.Root

[25] Hacked By Cocain TeaM

[26] Hacked By Tir3x

[27] ..::HACKED BY MsU360::..

[28] >> HaCKed By MoHSenSUnBOY

[29] Hacked By GHOST

[30] Hacked By Dedmaster

[31] Hacked By amob07

[32] *** HACKED BY PUNISHER ***

[33] Hacked by Hellboy Group

[34] Hacked By infohooman

[35] HacKeD By Cair3x

[36] Hacked By H3LL BOY$

[37] HACKED BY PERSIAN DALTONS

[38] Hacked By MuteMove... !!!

[39] HAcKed By Karaji_kt21

[40] HaCKeD By rootqurd

[41] HaCkEd By ArMaN InvIsIbLe

[42] Hacked By Delta

[43] HACKED BY H3X73L

[44] [ Hacked By SHIA ]

[45] Hacked By SaeedSaaDi

[46] Hacked By #RooTer ;)

[47] [ Hacked By OptiShock ]

[48] Hacked By DevilZ TM

[49] Hacked By Busy Hacker

[50] Hacked By T3rr0r

[51] Hacked By nitROJen

[52] .:: HACKED BY ESSAJI ::.

[53] Hacked By : DangerMan

[54] Hacked By Security Team

[55] Hacked By Solt6n

[56] Hacked by R3d ErRor

[57] HacKeD By Cca

[58] Hacked by Arash Cyber

[59] Hacked By Never More !

[60] ||| Hacked by Afghan Hacker |||

[61] Hacked By Sianor

[62] ---==[ Hacked By MoHaMaD VakeR ]==---

[63] Hacked by Msu360

[64] HACKED BY Anti Shakh !

[65] -=: Hacked By kazi_root :=-

[66] Hacked By DevilZ TM

[67] Hacked By SaMiR

[68] Hacked By Dr.Pantagon

[69] hacked by inJenious

[70] Hacked by D3stroyer

[71] ::: Hacked By ArvinHacker :::

[72] Hacked By ShakafTeam

[73] HACKED BY B!0S

[74] Hacked By Tink3r

[75] Hacked By DevilZ TM

[76] HacKeD By Cair3x

[77] Hacked By Cyber Saboteur

[78] HACKED By Shadow.hacker

[79] -=[ HaCked By TBH ]=-

[80] -=: Hacked By two wolfs :=-

[81] << HACKED by Ali.ERROOR >>

[82] XPERSIA(HACKED BY HACKER)

[83] ????? Hacked By AR3S ?????|| HackeD By AR3S ||HACKED BY AR3S

[84] Hacked By ParsiHacker Security Team

[85] ::... This Site Hacked By TerminatoR

[86] [Hacked by Black hat group ]

[87] HaCked By Shishe security team=====

[88] THIS SITE HACKED BY dani.love666

[89] ::. HACKED BY TODAY PROGRAM GROUP .::

[90] .:hack_really:. hacked by firehackers hack_really

[91] -= Hacked By IrIsT Security Team =-

[92] Hacked By Loooooord Hacking Team

[93] HaCkEd By Anti Security Team

[94] .:::: Hacked By IRaNHaCK Security Team ::::.

[95] This Site Hacked by DiaGraM

[96] .:::: Hacked By IRaNHaCK Security Team ::::.

[97] ????? Hacked By kingback ?????

[98] o--[ Hacked By devilzc0der ]--o

[99] --= Hacked By Hijack Security Team =--

[0] || Hacked By Reza_Blz |||| Hacked By Reza_Blz||

[1] .:: Hacked By M4st3r_4w4r3 ::.

[2] ...:: Hacked By Wonted ::....

[3] Hacked By Cair3x

[4] =====Hacked By Aref ====

[5] Hacked By alipc1

[6] Hacked By BrainBoy

[7] Hacked By Mr.Bami

[8] Hacked By SaMiR

[9] Hacked By Remove !

[10] HaCkEd By ArMaN InvIsIbLe

[11] Hacked by Original-Hackers

[12] Hacked By : MSN-HACKER

[13] [Hacked..By..Number14]

[14] Hacked By: D4rk_Kn1ght U

[15] [ Hacked By Sootak ]

[16] Hacked By Dr.Root

[17] Hacked By Cocain TeaM

[18] Hacked By Tir3x

[19] ..::HACKED BY MsU360::..

[20] >> HaCKed By MoHSenSUnBOY

[21] Hacked By GHOST

[22] Hacked By Dedmaster

[23] Hacked By amob07

[24] *** HACKED BY PUNISHER ***

[25] Hacked by Hellboy Group

[26] Hacked By infohooman

[27] HacKeD By Cair3x

[28] Hacked By H3LL BOY$

[29] HACKED BY PERSIAN DALTONS

[30] Hacked By MuteMove... !!!

[31] HAcKed By Karaji_kt21

[32] HaCKeD By rootqurd

[33] HaCkEd By ArMaN InvIsIbLe

[34] Hacked By Delta

[35] HACKED BY H3X73L

[36] [ Hacked By SHIA ]

[37] Hacked By SaeedSaaDi

[38] Hacked By #RooTer ;)

[39] [ Hacked By OptiShock ]

[40] Hacked By DevilZ TM

[41] Hacked By Busy Hacker

[42] Hacked By T3rr0r

[43] Hacked By nitROJen

[44] .:: HACKED BY ESSAJI ::.

[45] Hacked By : DangerMan

[46] Hacked By Security Team

[47] Hacked By Solt6n

[48] Hacked by R3d ErRor

[49] HacKeD By Cca

[50] Hacked by Arash Cyber

[51] Hacked By Never More !

[52] ||| Hacked by Afghan Hacker |||

[53] Hacked By Sianor

[54] ---==[ Hacked By MoHaMaD VakeR ]==---

[55] Hacked by Msu360

[56] HACKED BY Anti Shakh !

[57] -=: Hacked By kazi_root :=-

[58] Hacked By DevilZ TM

[59] Hacked By SaMiR

[60] Hacked By Dr.Pantagon

[61] hacked by inJenious

[62] Hacked by D3stroyer

[63] ::: Hacked By ArvinHacker :::

[64] Hacked By ShakafTeam

[65] HACKED BY B!0S

[66] Hacked By Tink3r

[67] Hacked By DevilZ TM

[68] HacKeD By Cair3x

[69] Hacked By Cyber Saboteur

[70] HACKED By Shadow.hacker

[71] -=[ HaCked By TBH ]=-

[72] -=: Hacked By two wolfs :=-

[73] << HACKED by Ali.ERROOR >>

[74] XPERSIA(HACKED BY HACKER)

[75] [ Hacked ! ]

[76] Hacked

[77] ????? Hacked By AR3S ?????|| HackeD By AR3S ||HACKED BY AR3S

[78] Hacked

[79] Hacked By ParsiHacker Security Team

[80] ::... This Site Hacked By TerminatoR

[81] [Hacked by Black hat group ]

[82] HaCked By Shishe security team=====

[83] THIS SITE HACKED BY dani.love666

[84] ::. HACKED BY TODAY PROGRAM GROUP .::

[85] .:hack_really:. hacked by firehackers hack_really

[86] -= Hacked By IrIsT Security Team =-

[87] Hacked By Loooooord Hacking Team

[88] HaCkEd By Anti Security Team

[89] .:::: Hacked By IRaNHaCK Security Team ::::.

[90] This Site Hacked by DiaGraM

[91] .:::: Hacked By IRaNHaCK Security Team ::::.

[92] ????? Hacked By kingback ?????

[93] o--[ Hacked By devilzc0der ]--o

[94] --= Hacked By Hijack Security Team =--

[95] [ Hacked By Root Security Team ]

[96] Hacked By Iran Security Team

[97] .:::HACKED BY $py_F!$K3|2:::.

[98] HaCkEd By vahshatestan Security Team

[99] HACKED BY Mr,farshad,and.skote_vahshat

[0] Hacked By Cocain TeaM

[1] Vvolf Hackerz Team

[2] Ashiyane Digital Security Team

[3] Hacked By Security Team

[4] Hacked By ParsiHacker Security Team

[5] HaCked By Shishe security team=====

[6] -= Hacked By IrIsT Security Team =-

[7] Hacked By Loooooord Hacking Team

[8] HaCkEd By Anti Security Team

[9] .:::: Hacked By IRaNHaCK Security Team ::::.

[10] .:::: Hacked By IRaNHaCK Security Team ::::.

[11] --= Hacked By Hijack Security Team =--

[12] [ Hacked By Root Security Team ]

[13] Hacked By Iran Security Team

[14] Defaced By Irazic Hacking Team

[15] HaCkEd By vahshatestan Security Team

[16] Hacked By ZaHackers Security Team

[17] .:: ----~~~D E L T A ,,, HACKING ,,, TEAM~~~ ---- ::

[18] Hacked By Ashiyane Digital Security Team - farbodmahini

[19] Defaced By RMA Digital Security Team

[20] Hacked By Scary Boys Digital Hacking Team

[21] Hacked By Black Fox Security Team

[22] ---= Hacked By Iranian DataCoders Security Team =---

[23] Hacked By Ashiyane Digital Security Team

[24] ::: Hacked By East Hackers Digital Security Team :::

[25] Delta-Hacker Security Team : Home Page

[26] Hacked By Ashiyane Digital Security Team

[27] [ Hacked By Iran Black Hats Team ]

[28] hacked by Esfahan Digital Security Team.!!!

[29] H4cKeD By Sahel-soft Security Team

[30] Hacked by Mohammad {2M Team(The ROCK)}

[31] Hacked By Parshan Digital Security Team

[32] [ Hacked By Iran Black Hats Team ]

[33] Hacked By Delta hacking Digital Security TEAM..........

[34] Hacked By Ashiyane Digital Security Team

[35] ????? Iranian South Coders Security Team ?????

[36] Hacked BY HashoR - Ashiyane Digital Security Team

[37] Hacked By Ramian Digital Security Team

[38] HACKED BY IHZ-TEAM ( Invisible Hackers Zone )

[39] Hacked By Ashiyane Digital Security Team

[40] Hacked By Scary Boys Digital Hacking Team

[41] ---= Hacked By Iranian DataCoders Security Team =---

[42] ---= Hacked By Iranian DataCoders Security Team =---

[43] Hacked by golpayegan Hacking Team --mortal_error----

[44] HACKED BY Iran Black Hats Team

[45] This Site Hacked By ParsiHacker Team ! ?

[46] Hacked By Tr0y Digital Security TeaM

[47] ++ Hacked By P30Hack Digital Hacking Team ++

[48] Hacked By ShakafTeam

[49] ..::~ This Site Hacked by Iranian DataCoders Security Team ~::..

[50] This Site Hacked by ART@N DiGiTal Security TeaM

[51] [----> This Site Is Hacked By : Digital West Asia Security Team <----

[52] ????? .::MaHDi PaTrioT-=- Hacked BY Ashiyane Digital Security Team::. ?????

[53] Hacked By G0D-0F-W4R Digital Security TeaM

[54] This site hacked by Iranian Datacoders Security team

[55] Hacked By IRAN-BABOL-HACKERS-SECURITY-TEAM ~ Popo WAS HERE !~

[56] This Web Site Hacked By ku4ng Hacking Team

[57] Hacked By Delta

[58] [----> This Site Is Hacked By : Digital West Asia Security Team <----] ???? | ???? | ????| ????|

[59] Home Page

[60] Hacked By 0261 Under Earth

[61] [ Hacked ! ]

[62] Hacked By Cyber Saboteur

[63] Hacked By amob07

[64] [ Hacked By SHIA ]

[65] YahooSwatTeam.jpg

[66] YahooSwatTeam2.gif

[67]

[68] Defaced By Lord Nemesis

[69] Hacked by D3stroyer

[70] Index of /

[71] \..Crack3R../

[72] iranash.jpg

[73] You Have Been Hacked By UfS

[74] ::: Hacked By ArvinHacker :::

[75] << HACKED by Ali.ERROOR >>

[76] Hacked By GHOST

[77] HacKeD By Cair3x

[78] By -Sun Army-

[79] __Hacked By __WANTED__

[80] [ L0v3-H4cking-w4s-Here ] { Hacked }H4cked By:Love Hacking

[81] Hacked By Sianor

[82] Hacked by Msu360

[83] -[ Defaced By ExeCutiveIM Group & BioS ]-Defaced By ExecutiveIM Group & BioS

[84] Local index - HTTrack Website CopierLocal index - HTTrack

[85] Annoncer

[86] Hacked By Remove !

[87] HAcKed By Karaji_kt21

[88] ~ This Site Hacked By Crazy LoveR ~

[89] Hacked by Arash Cyber

[90] Index of /

[91] Index of /ID Maker

[92] Index of /

[93]

[94] Hacked !

Stay tuned!

Continue reading →

Profiling "Nedasites" - A DDoS Attack Tool Campaign Aiming to Target Iran Prior to the 2009 Election - An OSINT Analysis

I've recently stumbled upon a unique DDoS tool which is basically enticing users into downloading it and launching DDoS attacks against a pre-defined list of Iran-based government and various other Iran-based targets which appears to have been originally released during the 2009 election in Iran.

In this post I'll provide actionable intelligence and discuss in-depth the campaign including the actual tool and provide the actual list of targeted URLs including the actual MD5 for the malicious DDoS tool and discuss in-depth the actual crowd-sourcing DDoS campaign which was originally lauched during the 2009 election in Iran.

It appears that back in 2009 a tiny group of folks including companies actually organized an online spree to help and support Iran's activists and protestors with technologies and access to free service which basically violates the law and should be considered a dangerous precendent in the context of assisting Iran-based activists and protestors. Therefore I've decided to take a deeper look inside the trend that took place internationally back in the 2009 Iran-based election and offer practical and relevant technical and actionable intelligence information on the actual infrastructure behind the campaign including its participants.

Related domains and URLs known to have been involved in the campaign:

https://lxkghnyg2owy6scd.onion

http://iran.whyweprotest.net/

http://haystack.austinheap.com/

http://www.haystacknetwork.com/

http://iproxyiran.tk/

http://iranpetitie.wordpress.com/

https://davepack.net/retweetforiran.html

https://iranfree.cryptocloud.net/

http://servers-info.com/

MD5: 25bc5507934756a836e574e9b43f8b3a - Detection rate

Sample official download location of the actual DDoS application:

https://sites.google.com/site/nedasites

Sample targeted URLs and domains list:

http://keyhannews.ir

http://www.iran-newspaper.com

http://www.irna.com

http://www.irna.ir

http://www2.irna.com

http://www5.irna.com

http://www.irna.net

http://www.tabnak.com

http://www.farsnews.com

http://english.farsnews.com

http://shahabnews.com

http://www.rajanews.com

http://www.khamenei.ir

http://www.ahmadinejad.ir

http://www.gerdab.ir

http://www.bornanews.com

http://www.bornanews.ir

http://www.leader.ir/langs/en

http://www.president.ir/fa/

http://www.mod.ir

http://www.isna.ir

http://www.justice.ir

http://www.presstv.ir

http://www.police.ir

http://mfa.gov.ir

http://sahandnews.com

http://www.farsnews.net

HAMSEDA.IR -- theplanet.com

HAMSHAHRIONLINE.IR -- cogentco.com

AYANDENEWS.COM -- theplanet.com

ASRIRAN.COM -- theplanet.com

SHIA-NEWS.COM -- theplanet.com

SHAFAF.IR -- theplanet.com

SIBNA.IR -- theplanet.com

SAYENEWS.COM -- theplanet.com

KAYHANNEWS.IR -- theplanet.com

RESALAT-NEWS.COM -- iweb.com

DEILAMNEWS.COM -- iweb.com

KHORASANNEWS.COM -- abac.com

JAHANNEWS.COM -- theplanet.com

JARASNEWS.COM -- theplanet.com

POOLNEWS.IR -- theplanet.com

PARSINE.COM -- theplanet.com

BUSHEHRNEWS.COM -- theplanet.com

TEBNA.COM -- theplanet.com

IWNA.IR -- theplanet.com

ALBORZNEWS.NET -- theplanet.com

ERAMNEWS.IR -- theplanet.com

AYANDENEWS.COM -- theplanet.com

JOMHOURIESLAMI.COM -- iweb.com

Something else that's also worth emphasizing on in terms of the Iran 2009 election is that the U.K's GCHQ has also been busy attempting to track down protestors including activists and has been busy working on an election specific and GCHQ owned URL shortening service which I managed to profile and expose here including the following still active Twitter accounts and URLs known to have been involved in the GCHQ campaign to monitor and track down Iran 2009 election protesters and activists:

https://twitter.com/2009iranfree

https://twitter.com/MagdyBasha123

https://twitter.com/TheLorelie

https://twitter.com/Jim_Harper

https://twitter.com/angelocerantola

https://twitter.com/recognizedesign

https://twitter.com/akhormani

https://twitter.com/FNZZ

https://twitter.com/GlenBuchholz

https://twitter.com/enricolabriola

https://twitter.com/katriord

https://twitter.com/ShahkAm147

https://twitter.com/Pezhman09

https://twitter.com/jimsharr

https://twitter.com/blackhatcode

Stay tuned!

Continue reading →

Exposing Iran-based Hackers and Web Site Defacement Group's Personal Web Sites Portfolio - Direct Technical Collection Download! Grab a Copy Today! - Part Two

Dear blog readers,

I've recently changed the actual download locations for two of the "Iran-based Hackers and Web Site Defacement Group's Personal Web Sites Portfolio - Direct Technical Collection Download" file archives where you can actually go through some of the entire content portfolio on a huge number of currently active Web sites belonging to Iran-based hacking groups including lone hackers posted here including here.

Grab a free copy of the original research here including the second part here.

Part 01 - Download here

Part 02 - Download here

Check out the actual document here.

Sample photos include:

Sample photos includes:

Stay tuned!

Continue reading →