Fake certificate attack targets Facebook users in Syria
al-Assad family suspected of spying on its subjects
A man-in-the-middle attack is being run against users of the secure version of Facebook in Syria, the Electronic Frontier Foundation (EFF) warns.
The semi-professional attack against the HTTPS version of the Facebook site relies on a digital certificate unsigned by any Certificate Authority and probable re-routing of traffic by the Syrian Telecom Ministry. The ongoing attack has been detected against multiple Syrian ISPs.
The use of an unsigned certificate as part of the attack means that the certificate is treated as invalid by modern browsers, raising a security warning. Unfortunately many users ignore such warnings, which can be generated for a variety of reason, such as attempting to visit a secure site via a Wi-Fi hotspot connection that requires an initial log-in.
Surfers in Syria are advised to use either Tor or proxies outside the country in order to access Facebook. The EFF has obtained a copy of the unsigned certificate used in the ruse via contacts in Syria, which it has published in an alert here.
The Facebook fake certificate ruse follows a problem that prevented Syrian surfers from accessing the encrypted version of Hotmail. Microsoft blamed a bug for what it characterised as a glitch, which it said had been limited to first-time users of the encrypted Hotmail who signed in from several countries. Webmail users in the Bahamas, Cayman Islands, and Fiji were also affected by the snafu. ®
by John Leyden The Register
Anyone with spare time please re-do ACTION ALERT 1 in Op Syria
The topic at #OpSyria at either PLF or Anon Ops IRC is now changed to reflect the new Facebook threat
- Syria: President Assad should be brought to book over violence (guardian.co.uk)
- „SYRIA: Protesters issue online appeal for President Assad to hold elections“ and related posts (latimesblogs.latimes.com)
- Syrian Rights Group: ‚800 Die In Protests‘ (news.sky.com)