syrianelectronicarmy
Latest
US charges Syrian Electronic Army hackers
Despite numerous high-profile hacking campaigns against the US government, news outlets and tech companies, the Syrian Electronic Army has remained a largely faceless entity... until now. The US has charged Ahmad Umar Agha (left), Firas Dardar (right) and Peter Romar with several crimes, including unauthorized computer access and (in the cases of Dardar and Romar) money laundering. The three are accused of compromising numerous targets, including a Marine Corps recruiting page (where they encouraged mutiny) and a news site (where they made false claims that the White House was under attack). Separately, Dardar and Romar are charged with conducting extortion schemes: Dardar would force victims to pay up and use Romar to get around Syrian sanctions forbidding payments.
Syrian government supporters hack the US Army's website
The Syrian government's digital supporters aren't letting up on their attacks against the US. Officials have confirmed that hackers linking themselves to the Syrian Electronic Army both defaced the US Army's website and steered visitors to a page championing the regime. The military rejects the intruders' claims that they compromised internal databases, noting that there's no classified or personal data at risk. Still, the Army isn't taking any chances -- it temporarily took down its website to make sure things didn't get any worse. However light the damage might be, it's safe to say that the feds' cyberdefense efforts just took another bad blow. [Image credit: Ted Aljibe/AFP/Getty Images]
One million Forbes accounts reportedly stolen in Syrian Electronic Army hack
Having already targeted several big name news organizations, the Syrian Electronic Army has hit another, this time publishing a reported one million user credentials from business site Forbes.com. Re/code reports that the group posted various messages to its Twitter account claiming responsibility for the attack, sharing a screenshot of the site's publishing system and indicating it accessed a Forbes employee's accounts in order to do so. Forbes, meanwhile, has confirmed the compromise, prompting users to change their passwords and be on their guard for a potential increase in targeted phishing attacks. While passwords were hashed (not stored in plain text), they may not be safe from enterprising third parties. The site has since returned to normal, but the company says it's in contact with law enforcement to identify exactly what happened. Between this and the recent Kickstarter hack, it's been a lousy few days for database administrators.
President Obama's Twitter and Facebook accounts targeted in Syrian Electronic Army hack
After tackling The New York Times, Twitter images and several other high-profile social media accounts, the Syrian Electronic Army has now struck the online presence of President Obama. A string of tweets were sent from the @BarrackObama account and messages posted to the President's Facebook fan page earlier today with links to SEA YouTube content. The source of the breach has been traced to a third-party URL shortener and not a takeover of the accounts themselves, letting the hackers redirect any links sent out by members of Organizing for Action to SEA links. It also appears that the organization was able to gain access to a campaign-related Gmail account as it posted a screenshot of the inbox. Control of the URL tool looks to be back in the hands of Obama's team as Facebook links are no longer redirecting, but Obama's official Twitter handle has been suspended for the time being.
DNS hack takes The New York Times offline (update: Twitter images were affected too)
For the second time this month, The New York Times has gone offline. This time around, the Syrian Electronic Army is likely to blame, with a Domain Name System (DNS) hack crippling the news org's online operation. The NYT's web servers are still online, however, so the publication has begun tweeting out direct IP links to recent articles. Meanwhile, Twitter itself may be vulnerable. Hackers have managed to modify some of the registration data, including the contact email address, suggesting an attack on the social site may be imminent. Update: According to a tweet from the paper's official account, it's temporarily publishing updates at news.nytco.com. Update 2: Twitter has confirmed the twimg.com domain used for images and photos was among those affected. According to the post, the original domain record has been restored and no user information was affected.
Viber support page hacked by Syrian Electronic Army, most user info remains safe
The Syrian Electronic Army isn't happy with VoIP app developers as of late -- following an attack against Tango last week, the politically motivated hacking group has compromised Viber's support page. The SEA claims to have downloaded database backups from Viber that include phone numbers, device IDs and push notification tokens. However, the company believes that the attack was largely harmless for regular customers; SEA's team got access to top-level support systems, but not the all-important user databases. They're kept in a system that can't be reached by attacks like these, according to Viber. While that news is reassuring, we'd advise playing it safe by watching for any suspicious account activity.
