In association with heise online

06 May 2011, 16:13

Syrian Facebook users claimed to be under attack

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Electronic Frontier Foundation (EFF) is warning that a man-in-the-middle (MITM) attack is targetting Syrian users who are using HTTPS to access the social networking site Facebook. The warning links to allegations that the Syrian government, in the form of the Syrian Telecom Ministry, is behind the attack and has "replaced Facebook's security certificate with a forged one that makes it easy to spy on users, record their passwords, and view their private content". So far, no one has been able to confirm the veracity of the allegations concerning the identity of whoever is behind the attack.

The attack is relatively unsophisticated. The fake certificate being used is not signed by any certificate authority which should make it easy to spot, but many users are used to ignoring warnings about unsigned certificates and will accept the dubious certificates. An article on says that information about the attack is circulating rapidly among Syrian internet users but notes that it cannot yet verify the claims made about this attack as there is no evidence beyond the original report (Arabic language link).


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit