wiredmikey writes "Simurgh, a privacy tool used in Iran and Syria to bypass Internet censorship and governmental monitoring, is being circulated with a backdoor. The compromised version has been offered on P2P networks and via web searches. Research conducted by CitizenLab.org has shown that the malicious version isn't available from the original software source, only through third-party access, so it appears that Simurgh has been repackaged. The troubling aspect of the malicious version is that while it does install the proxy as expected, it then adds a keylogging component, and ships the recorded information off to a server hosted in the U.S. and registered to a person in Saudi Arabia. In response to this attack, the team that develops Simurgh has instituted a check that will warn the user if they are running a compromised version of the software. At present, it is unknown who developed the hijacked version of Simurgh, or why they did so."