icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
30 Apr, 2013 01:08

Syrian pro-government hackers hijack The Guardian on Twitter

Syrian pro-government hackers hijack The Guardian on Twitter

After causing havoc on the US stock markets, it seems that the group of hackers known as the “Syrian Electronic Army” (SEA) has struck again, this time hijacking the Twitter feeds of one of Britain's most respected newspapers.

Several accounts belonging to The Guardian, including @GuardianSustBiz and @BusinessDesk, began to send out messages of support for the pro-Assad group earlier on Monday. One tweet from the Business feed read “Follow the Syrian Electronic Army … Follow the truth! @Official_SEA12 #SEA #Syria”

According to the Guardian's own reporting, the SEA is thought to be operating out of a secret base in Dubai since leaving Damascus last year. Opposition activists believe Syrian President Bashar al-Assad's billionaire cousin, Rami Makhlouf, currently backs the group financially, and moved the SEA out of Syria following its emergence in 2011.

The Guardian joins a growing list of media companies that have fallen victim to recent takeovers by the Syrian Electronic Army, which now includes the BBC, NPR and CBS. Recently, the group also managed to gain access to world soccer governing body FIFA’s official feed.

Many of the victims, including The Guardian, reported phishing email attempts before the successful hijacking of their Twitter feeds. According to James Ball, a data editor with The Guardian, the phishing attempts were “sustained” and included variations on emails attempting to steal login credentials from newspaper staff.

“The guys doing the Guardian phishing attack I mentioned yesterday (it's SEA) are really very good: sustained, changing, mails today,” Ball tweeted on Monday.

Image from sea.sy

By some accounts, 11 Twitter feeds fell victim to the phishing effort, which included several of the Guardian’s editors as well as Guardian Stage, Guardian Film, Guardian Books and Guardian Music. According to a tweet sent out by the SEA via the Books Twitter feed, the group was responding to recent suspension of its own accounts.

"We will keep hacking #Twitter accounts and cause for you problems if you keep suspending our accounts #SEA," the group tweeted via @guardianbooks.

Since last week’s AP Twitter hack announcing a bogus attack on the White House, which in addition to confusion briefly caused a $200 billion loss for the Dow Jones, many within the journalism community have been clamoring for additional security features from Twitter.

One of the most demanded features for enhanced security from the social networking site includes two-step authentication, which might take the form of a code sent via text message in addition to a feed’s password.

Successful exploits by the Syrian Electronic Army come at an inconvenient time for Twitter, which has grown to such a scale that the US Securities and Exchange Commission recently announced that companies can now share market relevant announcements via the platform.

As to what the specific motivations are for the spate of recent takeovers, the SEA told RT Arabic last week that its activities are a response to US media’s reporting of that country’s ongoing civil conflict:

“US news agency Associated Press, alongside other Western news outlets have been engaged in a media war against Syria. But with our infiltration, we have shown that we can fight off any assault,” an anonymous source within the clandestine hacking organization Syrian Electronic Army (SEA) told RT.

Once accounts are compromised, most Twitter feeds are quickly suspended by the service, though the SEA is nonetheless proving quite successful at drawing attention to itself, and perhaps most of all to a need for tighter security.