
4 June 2013

Mossad MITM SSL Attack

A sends:

I have found the attached image on a forum with dates (in Persian) going back almost 10 months. The post with this image embedded explained how the backbone of a major Iranian internet provider known as Mobinnet has been infiltrated and an SSL man-in-the-middle attack took place on sensitive targets including Mossad's 'contact us' webpage. The signature on the image is quite familiar to me and perhaps to your readers.


Been using Mobinnet's WiMAX service in Iran. I realized they are selling re-branded modems either made by or for Chinese firm Huawei. If this was a state-sponsored attack they would not publish it in such a form, certainly not now. Due to complicated politics in Iran and the intense environment, the 'state' might not be something straightforward usually referred to by media as the government or the military, though.

My bet is on further bad news for whoever contacted Mossad using their website. Previous postings from 'the P' for a fellow Iranian have one obvious translation: ultra sonic radicalized militia types who would even cancel the 'state' itself if required, let alone somebody idealistically motivated or an opportunist who contacted the Jewish state for 'a journey'.

There is a hint for political animals based in D.C. playing the usual ball: the attribution in 'jihadist' operations and whoever supports and empowers them is not as simple as the finger-pointing practice the policy makers are used to.