MCI-CERT as a Security Incident Management and Handling Team, is responsible for receiving, coordination, managing and handling of ICT security incidents of Mobile Communication Company of Iran (MCI). The mission of this team is responding to ICT security incidents, performing proactive actions to mitigate damages and reduce the probability of security incidents occurrence according to business continuity plan.
The objectives of MCI-CERT are as follows:

  • Provide an internal/external trusted contact point in ICT security incident handling
  • Provide a unified authority for receiving ICT security incident reports and responding them
  • Interaction and sharing knowledge, experiences and skills with other CSIRTs and law enforcement in order to improve security and manage ICT security incidents effectively.
  • Handling of ICT security threats, vulnerabilities and incidents in predefined deadlines
  • Reducing the damage of ICT security incidents in quality of services
  • Reduce the probability of reoccurrence of incidents
  • Improve organization's awareness and readiness against ICT security attacks and threats
  • Improve policies and mechanisms for the prevention of incidents continuously
  • Increase the accountability to the official authorities and law enforcement
  • Reactive Services
    • Alerts and Warnings
    • Incident Handling
  • Proactive Service
    • Announcements

You can submit incident or potential vulnerability report to MCI-CERT by email. It must contain at least following content:

  • Identical Information including Name and Last Name
  • Contact Information including Tel and Email Address
  • Status (Choose one of the: 1- Active, 2- Not Active, 3- Recurrence)
  • Occurrence time
  • Detection time
  • Incident category (Choose one or more of the: 1- Compromised Information, 2- Compromised Asset, 3- External Hacking, 4- Unlawful activity, 5- Email)
  • The approximate number of affected users
  • Detailed description of the incident or potential vulnerability
  • How to detect incident or potential vulnerability
  • How to exploit potential vulnerability

Note that all incident reports and information received by MCI-CERT will be confidential.
It is necessary to encrypt email with MCI-CERT's PGP Public key before sending it.

Malware in CamScanner android app :::: Date: 08/31/2019
Android/Filecoder.C Mobile Malware :::: Date: 08/01/2019
Agent Smith Mobile Malware :::: Date: 07/15/2019
MobOk Mobile Malware :::: Date: 07/02/2019
Zero2 Malware :::: Date: 06/22/2019
Scam Emails :::: Date: 05/26/2019
Mobogram 5.4 Mobile Malware :::: Date: 05/19/2019
Remote Desktop Services Remote Code Execution Vulnerability :::: Date: 05/15/2019
Scranos Malware :::: Date: 05/05/2019
Social engineering to extract membership code in social networks :::: Date: 02/23/2019
Calendar Mobile Malware :::: Date: 02/21/2019
Fake Payment Ports :::: Date: 02/03/2019
Instagram's social network applications :::: Date: 01/05/2019
Security announcement about unwanted premium rate text messages :::: Date: 12/29/2018
FREEnet Mobile Malware :::: Date: 12/16/2018
Bluetooth Unlock Bypassing Vulnerability in Some Huawei Mobile Phones :::: Date: 7/1/2018
Clash_Hack Mobile Malware:::: Date: 6/9/2018
Security Announcement about joining telegram's bots :::: Date: 4/25/2018
Safety tips on receiving messages and promotional links :::: Date: 3/3/2018
Ensure lack contamination of the Apps on mobile phone :::: Date: 2/28/2018
Trackmageddon Vulnerabilities Discovered services of location tracking :::: Date: 1/22/2018
TrueCaller Application Announcement :::: Date: 1/14/2018
Avoid returning unknown international numbers :::: Date: 1/13/2018
Safety tips on bank payment terminals :::: 12/16/2017
Malware infection preventing :::: 11/26/2017
Double Locker – Android based ransomware :::: Date: 11/08/2017
Malicious links for free internet :::: Date: 10/30/2017
Don't Pay Extra :::: Date: 09/24/2017
Security announcement about activating value added services :::: Date: 08/16/2017
Social Engineering :::: Date: 07/29/2017
Securing Wi-Fi and ADSL Modems :::: Date: 06/11/2017
Familiarity with common malwares in cell phones :::: Date: 05/21/2017
Introduction to Zeus Malware :::: Date: 29/01/2017
Familiarity with common malwares :::: Date: 21/12/2016
Deactivate your social network account before pass the sim card to the new owner :::: Date: 14/11/2016
Awareness about Caller id application (Such as Holaa) :::: Date: 14/11/2016
Do not use unreliable network setting :::: Date: 29/10/2016
Security risks of "Pokemon Go :::: Date: 09/10/2016
The introduction of malware calljam on Google play:::: Date: 27/09/2016
Making phone call to unrelated country without user intervention incident announcement:::: Date: 06/04/2016