Syrian Electronic Army Goes After SkypeBy Sean Michael Kerner | Posted 01-02-2014
In a brazen attack to kick off the brand-new year, the Syrian Electronic Army (SEA) hacker group briefly took control of the Microsoft Skype service blog as well as its Facebook and Twitter accounts Jan. 1.
The SEA is an online hacktivist group that is loosely affiliated with the government of Syrian President Bashar al-Assad. The attack against Skype today did not directly affect any of Skype's voice communications services and did not breach any consumer information.
"You may have noticed our social media properties were targeted today," Skype stated in its official Twitter account. "No user info was compromised. We're sorry for the inconvenience."
The official Skype twitter statement was issued 5:13 p.m. Eastern Time on Jan. 1. The SEA tweeted with the @Skype Twitter account as early as 12:01 p.m. ET on Jan. 1. Instead of issuing pro-Syrian messages with the compromised accounts, the SEA jumped on the anti-National Security Agency (NSA) bandwagon by feeding on the fears that the U.S. government is spying on people. One of the SEA messages stated, "Don't use Microsoft emails (hotmail, outlook), they are monitoring your accounts and selling the data to the government."
Microsoft technologies appear in the NSA's catalog of exploits that were first disclosed just prior to the new year. Microsoft has repeatedly made its position on the NSA activities clear and has taken steps to boost its encryption to protect against government snooping.
Late last year, Microsoft signed an open letter, titled "Reform Government Surveillance," in which AOL, Facebook, Google, LinkedIn, Yahoo and Microsoft also make a plea for the U.S. government to reform its snooping activities. The pleas have not fallen on deaf ears, and a presidential task force report issued Dec. 18 made 46 recommendations to overhaul U.S. intelligence and surveillance operations.
Full details have not yet emerged as to how the SEA was able to gain access to the Skype social media accounts, but some speculate that it was done via a phishing attack.
Security consultant Graham Cluley blogged that one possibility is that the SEA was somehow able to trick Skype's social media team into divulging the required passwords. "Alternatively, it's possible the SEA managed to phish the password for a Skype employee's email account, and from there gathered information about how to log into the various social media accounts," Cluley wrote.
The SEA had a successful track record throughout 2013 of gaining unauthorized access to multiple media properties using a variety of methods. On Aug. 15, the SEA was able to redirect some traffic from The Washington Post Website. That attack was made possible through a phishing attack against a staff writer's Twitter account as well as an exploit of a third-party advertising platform.
On Aug. 27, the SEA successfully exploited and redirected traffic from The New York Times as well as Twitter and The Huffington Post. That particular exploit was enabled by way of an attack against domain registrar Melbourne IT, which was the host for the domain information for the attacked sites. The SEA was able to infiltrate Melbourne IT and change Domain Name System (DNS) entries for the sites, temporarily redirecting traffic.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.