Why does the “Iranian Cyber Army” use the red star, a communist symbol from the soviet era?
It’s Twitter Friday again! Welcome back to my weekly column. Apparently Twitter or rather its DNS got hacked. DNS is that little thingy that assigns real Internet addresses (like Twitter.com) to those so called IP addresses or rather numbers websites hide behind. This is what we know. The rest of the story is quite questionable though.
To be honest I don’t believe the “Iranian Cyber Army” is real, like there is an organization of hackers behind it.
Also the footprints they’ve left neither look like real hackers nor like real Iranians. I’ll explain why.
The “Iranian Cyber Army” does not sound like Iranians. Why?
- Iranians speak and write Farsi while the hacked sites did not contain any Farsi messages. There was some broken English and an image with Arabic on it. It looked Arabic to me so I asked an native Farsi speaker and he confirmed that it’s Arabic not Farsi.
- Iranians, at least those from Iran supportive of the current Islamic government don’t use soviet era communist symbols. The “Iranian Cyber army” mimics the red army star though. In fact the Islamic rulers of Iran prosecute communists. Most of them had to flee the country after the Islamic revolution had succeeded.
- Hacking Twitter is really bad for Iran. Almost everybody in the West dislikes Iran anyway and wrongly assumes that it’s the biggest threat since the cold war. So they really, really need some sympathy and this is the worst press they can get now.
- Some people argue that this might be some kind of retaliation for Twitter role in the support of the protests after the election. Remember, the US State Department ordered Twitter to postpone a downtime so that news about the anti-government protests can get spread. Back then it would have made some sense to hack Twitter, but now?
- It might be a false flag operation to further get support for measures against Iran. Both people in the US and Israel use cyber warfare against Iran.
The “Iranian Cyber Army” does not sound like hackers. Why?
- Hackers usually don’t put GMail addresses on compromised pages.
- Even in case Iranian hackers would want to use an email address on a hacked page, especially such a big one like Twitter they would probably not choose US based GMail for this task as those emails can easily get intercepted by the US government. Also the sheer number of emails they’ll get renders this step useless.
- The English on the hacked Twitter page was awful. Don’t hackers know proper translation tools and spell checkers?
- Usually hackers, especially those of the political kind don’t target the DNS. They look for code vulnerabilities or they use DoS (Denial of service) attacks by sending too many requests to websites. The US based hackers who hacked Iranian sites after the election did just that.
I’m not a computer security expert but I’ve seen plenty of hacks and compromised websites and there are patterns. This attack is quite unusual. Also it does appear to be highly illogical.
- Why use soviet era red army stars instead of Islamic or Iranian symbols?
- Why write in broken English and publish an image with Arabic text?
This seems to be a case where everybody is made to blame Iran but it’s highly unlikely that Iranians did this. Also the theory about renegade hackers seems inappropriate. The “Iranian Cyber Army” hasn’t appeared in the past before the recent attacks (another site has been hit as well). Google can’t find any results published before these two hacks.
The question is: Who gains support by this attack? Certainly not Iran. It’s really embarrassing for them. Also Iranians don’t like Arabs so why use Arabic? They fought a war a few years ago. Remember the Iraq – Iran war where the West and most Arabic monarchies supported Saddam Hussein’s invasion?
I know that reality sometimes is stranger than fiction but this case is obviously too weird to be what it seems to be. What do you think?