Home / / Anti-censorship software compromised with spyware

Anti-censorship software compromised with spyware

Popular Iranian proxy software found to include Trojan that reports user data

Anti-censorship software compromised with spyware
A compromised version of the Simurgh proxy has been sending user data to a remote site registered with a Saudi ISP.

A popular web proxy in use by Iranians and Syrians to bypass web censorship has been compromised, according researchers at the University of Toronto.

The Iranian-developed Simurgh standalone proxy, has been widely used in Iran to bypass web censorship and to allow the user to browse anonymously, but in compromised versions downloaded from the 4Shared file sharing service, an additional Trojan has been added to steal user data.

Security researcher Morgan Marquis-Boire, wrote in a blog post: "This Trojan has been specifically crafted to target people attempting to evade government censorship. Given the intended purpose of this software, users must be very careful if they have been infected by this Trojan"

The university researchers discovered the back door after making a closer examination of Simurgh as it has been growing in popularity among Syrians. The Trojan includes a keystroke logger, and appears to be sending data via HTTP post request to a remote site registered with a Saudi Arabian ISP.

Researchers say most anti-virus software should detect the Trojan, but if a user does detect an infection, they should assume that any sensitive data and accounts accessed via that PC may have been compromised and users should change passwords. The Simurgh website is also warning users to check their PCs.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.