“Amid popular uprisings in Syria, Facebook users in the country logging into the secure HTTPS version of the social networking site are finding themselves to be the targets of an ongoing man-in-the-middle attack detected on various Internet service providers. Although it is unclear who is behind the attack, the Electronic Frontier Foundation links the attack to allegations that the Syrian Telecom Ministry, under the auspices of the Syrian government, is the perpetrator. It is suspected that the Ministry has replaced Facebook’s security certificate with a fake unsigned one. In this attack, users’ browsers propagate a SSL error on the Facebook Web site because the certificate is not trusted by the browser. Users may ignore the warning by clicking through it, and in doing so, allowing the attacker to access their Facebook account and control and collect information. Some suspect that this is a ruse by Syrian authorities to spy on activists using the site to coordinate protests.”

From Information Warfare Monitor