#Exclusive: Syrian Electronic Army hijacks Microsoft Xbox Instagram and twitter accounts


Just few days after, hacking the official twitter account of Skype, Syrian Electronic Army once again has attacked Microsoft.  Today, they have hijacked the Official Twitter and Instagram accounts.

It appears @xbox and @xboxsupport twitter have been compromised in the attack.  The group managed to post usual post from Xbosupport account saying "Syrian Electronic Army was here".

At the time of writing, Microsoft regained the access to both Twitter and Instagram accounts.

It is still unknown how hackers managed to compromise these accounts.  I believe they have used their usual social engineering attack.

We are trying to reach the group for further statement. We will update if get any interesting info.

*Exclusive -Update:
One of the member of SEA group told E Hacking News that they have compromised the info by sending an email containing malware file to Microsoft's staff.

Hackers told us that "another hack will come soon with publishing the documents of monitoring email accounts by Microsoft".

*Update:
Microsoft News twitter account also have been hijacked by Syrian Electronic army, read the full update here.

More screen shots:





Exclusive: Vice.com hacked by Syrian Electronic Army, redirects to SEA website

Syrian Electronic Army known for hacking high profile US based websites has once again come up with high profile website hack.

Today, the group hacked into VICE main website(vice.com), an US based international magazine focused on arts, culture, and news topics.

The hackers managed to gain access to the administration panel of the website and modified the website to redirect to hackers' website.

"Dear the @VICE, Your website was hacked in order to deliver a message" The tweet posted by the hackers reads.



They also published an article saying "Your website was hacked by the Syrian Electronic Army. This time we just deleted the article that you claimed in it that you exposed "Th3Pr0" identity. But you didn't. You published names of innocent people instead. The second time we will delete all your website"

Exclusive: The group provided us two screenshots of Gmail account belong to the Vice's employees. One of the account belong to the Developer of the Vice website who have full access to the website.

Even Though the developer got a warning about phishing attempt from his VICE cms manager, he fall into the trap of hackers.

They group also claimed to have hacked into the mailchimp account and managed to send mail to 33,000 subscribers.
 

Exclusive: Outbrain service hacked , CNN , Washington Post and Time affected

Syrian Electronic Army has hacked into Outbrain service and take control of admin panel. The security breach affects CNN, Washington Post, Time  and more high profile websites.

Outbrain is a content recommendation service whose widget offers to help internet publishers increase web traffic at their websites. It does so by presenting them with links to articles and other content.


CNN outbrain hacked


Speaking to E Hacking News, hacker said that the admin panel of Outbrain is hosted in the local server.  However, they managed to login into the panel with the help of VPN and access panel.

The group also told EHN that they have compromised emails of Outbrain.  At the time of writing, the website is back to normal.

" Reading @wapo article & redirected to website of Syrian Electronic Army--twice. A nice hack, but now I'm probably on a watch-list." Nathan K. Hensley posted in his tweet.

The hackers also provided us exclusive screenshots of the admin panel of outbrain :


CNN Affected

Time website affected


Sky News Google Play account hacked by Syrian Hackers

Syrian Electronic Army the Syrian hacker group who hijacks twitter&facebook accounts of western media compromised the Sky News' Google Play account.

Hackers placed their logo in the Google play account.  The group also changed the description of the app to "Syrian Electronic army was here".

You can still view the Syrian Electronic army logo at "https://play.google.com/store/apps/details?id=com.bskyb.skynews.android&hl=en … … https://play.google.com/store/apps/details?id=com.bskyb.android.skyplus"




It appears the SEA has compromised the google play developer account of SkyNews. Syrian Electronic Army gave us an exclusive screenshot showing that they have access to the Google Play developer console of Sky News where we can see all skynews apps. 

Exclusive Screenshot: Google play developer console


"All Sky's Android apps were hacked and replaced... please uninstall it, And we will let you know when it will be available" SkyNews confirmed the security breach.

This is the first team SEA has hijacked Google Play accounts. Usually, they hijack twitter and facebook accounts.  Recently the group compromised the twitter accounts of ITV News London, Telegraph , FT and more.

ITV News London Twitter account hacked by Syrian Electronic Army

I said few days ago the two-step authentication feature will stop Syrian Electronic Army from hacking the Twitter accounts.  Yesterday Twitter enabled the Two-step authentication security feature that prompts you to enter the temporarily generated password sent to your phone.  You can login to the account only if you provide the correct password.

It appears the ITV News London fails to enable this feature in their account that allowed the SEA team to get in.  Today, Syrian electronic army hijacked the @itvlondon.



As usual, they posted some fake tweets from the hijacked account.

"Cameron cuts education funding, triples aid to Syrian rebels: "Israel's long security is the UK's first priority". itv.co/36k2PO" one of the fake tweet posted by the SEA reads.

"Just kidding.  The syrian Electronic Army was here. #SEA" another tweet reads.

The account seems to be recovered by the admin at the time of writing but the Syrian Electronic army and EHN's reader provided the screenshots for the hack.

The screenshot provided by SEA(click the image for full-size image)


8 Telegraph Twitter accounts and Facebook hacked by Syrian Electronic Army

The Daily Telegraph , UK based international news portal, is the latest victim to the social media hacks of Syrian Hacker group. Earlier today, the Syrian Electronic Army has hijacked 8 Twitter accounts Telegraph news and facebook account.

As usual hackers started to tweet from the hacked account. "#FSA terrorits executed innocent citizens: on.ft.com/10VkxZk #SEA Syria" one of the tweets posted by the group reads.




The list of hacked accounts:
  1. https://twitter.com/TelegraphNews
  2. https://twitter.com/TeleTheatre
  3. https://twitter.com/TelegraphOpera
  4. https://twitter.com/TelegraphArt
  5. https://twitter.com/TelegraphFilm
  6. https://twitter.com/Tele_Comedy
  7. https://twitter.com/TelegraphSport
  8. https://twitter.com/TelegraphBooks

In addition to the twitter account hack, they also hijacked the official Facebook Page : https://www.facebook.com/TELEGRAPH.CO.UK

"We are aware that some of our accounts have been compromised and are working to resolve the issue. Many thanks for your patience." The telegraph responded to the hack.

Saudi Arabia Ministry of Defense Mail System compromised by Syrian Electronic Army

Earlier Today, the Syrian Electronic Army, the group known for hijacking twitter accounts of top news organization, has tweeted they have compromised the Saudi Arabia's Ministry of Defence Mail system.

"The #SEA is prepared to release secret documents that belong to the Saudi Arabian defense ministry after compromising their email system" One of the tweets reads.

The group said "The leaks include correspondence and secret arms deals from the Saudi Ministry of Defense... These were forwarded to the Syrian government."

The hacker also provided a screenshot that proves the syrian electronic army has managed to gain access to the Saudi Arabia's Ministry of Defence Mail system.


The group recently hijacked the Social media accounts of Financial Times, The Onion, E! News, the Guardian and more.  You can find here the list hacks done by the SEA : Syrian Electronic Army

Syrian Electronic Army hacked 3 BBC Twitter accounts


Syrian Hacktivists known as "Syrian Electronic Army" has taken control of the three official Twitter accounts belong to BBC.

The hackers hijacked the BBC Arabic Online(@BBCArabicOnline),  BBC Weather account(@BBCWeather) and BBC Radio Ulster account (@bbcradioulster).

After hijacking the BBCArabicOnline , the hacktivists tweeted "Syrian Electronic Army was here via @Official_SEA #SEA".


"And that came in response to what BBC practiced of lies and fabrication of news  and in addition to the bias to the bloody opposition" Hackers stated the reason for this cyber attack.

Speaking to EHN, the hacker provided the email id, password of email id and passwords of Twitter accounts.  At the time of writing, the BBC recovered their accounts back.

An Interview with Syrian Electronic Army hacktivists


Today, E Hacking News interviewed the famous Syrian hacktivists "Syrian Electronic Army". The Syrian Electronic Army recently hacked Twitter accounts of Fracne24, Qatar Foundation and AFP. 

*. Please introduce yourself to EHN readers
i'm a Syrian hacker called "The Pro", The leader of special operations department in the Syrian Electronic Army

Tell me something about your Team
The Syrian Electronic Army is a group of Syrian youth who are trying to defend their country against the media campaign against Syria
our mission is spread the truth about what is really happening in Syria

*. What are SEA's objectives?
we attack the media channels who are involved in what is happening in Syria
we spread the truth and publish our message to the world
the enemies of Syria are using the media as a tool to destroy Syria

*. Why did you choose to become a hacktivist? What are your thoughts on hacktivism?
you know that more than 200 channels are covering the Syria crisis
the Syrian media are doing great but
the "bloody" media more stronger than it
so we choose the hacking way
to use their accounts,websites,emails
as a weapon in our hand
every channel have its followers
so we try to gave this followers the truth
instead of lying all the time


*. what kind of method you use for attacking websites?
we use many methods to attack the websites
attacking the host server ... and targeting the domain owner for exmaple
and for the social media accounts
we attack the mail server
like Skynews arabia and AFP


*. How many websites you hacked so far?
we hacked too many websites, but there are a very secure and powerful websites and there are normal websites
http://zone-h.org/archive/special=1/notifier=SEA
http://www.zone-h.org/archive/notifier=The%20Pro

*. What is your next target? How do you choose your targets?
all the enemies of Syria are targets for us
governments,media channels, websites ....


*. Are you afraid of getting caught?
we are not doing something bad to get caught
we are defending our country
but we have 2 martyrs until now
 killed by the "Free" army that pretends to represent to the world they are "peaceful" opposition


*. Is there anything else you would like to add?
no thanks

Syrian Electronic Army hacked into Emails of Israel News site Haaretz


The hacker group Syrian Electronic Army hacked into mail system of Israel News Paper Haaretz.

The hackers claimed that they gained access to more than 80 email accounts and passwords of Haaretz employees and leaked the data in their official website.(syrian-es.org/leaks/Haaretz/Haaretz-EmailsAndPasswords)

According to Haaretz report, the hackers sent a spoofed emails to Haaretz employees and asked them to click a link that leads to an article on website of The Guardian, about talks between the United States and the Syrian opposition.

Once the employee click the link, it redirect the victim to a page requesting them to enter their login credentials that allowed hackers to breach their work email accounts.

Haaretz take down the email server after the security breach. The Haaretz Group responded by saying that all employees' email passwords will be changed.  Readers' data from Haaretz Group websites  are not affected by this breach.

Screenshot that lists the Haaretz employees' email accounts
The employees use very simple passwords.  We have selected the Best password used by the Employees (lol) : "Abc123".

"It's just the beginning ... Next hacks will include Israeli government targets " Hackers said in their post.

Syrian Electronic Army hacked Saudi Arabian Ministry of Defense and other government sites


Hacker break into Administration Panel of Ministry of Defense Saudi Arabia

The hacker collective Syrian Electronic Army is back with another huge Cyber attack. They have breached all the websites that belong to Ministry of Defense of Saudi Arabian and other government websites.

According to the hacker official page, they have hacked The Saudi Ministry of Defense(moda.gov.sa), Saudi Arabia Defense Industries (mic.gov.sa), Admission gate of the Armed Forces (afca.gov.sa).

Other hacked sites includes a Saudi government site(csc.edu.sa), General Directorate of Military Works(gdmw.gov.sa),  General Directorate of Military Survey (gdms.gov.sa).

Few more hacked sites : a Saudi government site(psmpq.org.sa), safous.gov.sa, Royal Saudi Land Forces(rslf.gov.sa) ,Royal Saudi Navy Foces(rsnf.gov.sa) , General Organization for Military Industries(mic.org.sa).

At the time of writing , most of the affected websites appeared to have been taken offline.  You can check the mirror of defacement here:
 http://www.zone-h.org/mirror/id/18910865