How Syrian Electronic Army Hacked Email Accounts of Assad’s Opponents

Uploaded on 2015-04-21 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Syrian-Electronic-Army-Declares-War-on-Twitter-After-Hackers-Accounts-Are-Suspended-372637-2.jpg

On November 19, 2013, Dan Layman received a disconcerting email from a fake address admin@fbi-useless.gov.

The culprit is the Syrian Electronic Army (SEA), the popular group of hackers aligned with Syrian President Bashar al-Assad, which in the past has hacked high-profile targets including Microsoft, eBay and PayPal.
The SEA claims to have also hacked into the email accounts of Louay Sakka, founder of the SSG; Mazen Asbahi, the former president of the SSG; and Oubai Shahbandar, a former Pentagon analyst and an advisor to the Syrian Opposition Coalition.
The motive is the cyber espionage, the members of SEA launched the campaign at the end of 2013 but there was no news about the operation until now. SEA conducted targeted spear phishing attacks against a number of high-profile people in the Syrian opposition, including Salim Idris, the chief of staff of the Supreme Military Council (SMC) of the Free Syrian Army.
The SEA confirmed have hacked seven high-profile people and offered to Motherboard the proof of the attack, but security experts speculate that many other individuals fell victim of the operation.
The SEA has stolen from the victims any information related activities against the government of Syrian President Bashar al-Assad.
According to the revelation of a SEA member, the Layman email account was simply hacked through brute force attack that revealed the use of “easy and weak” passwords made by the political exponent. The SEA tried to compromise the Layman’s network of contacts by controlling the Layman’s email account. Among the targets are members of the Free Syrian Army and of the Syrian Support Group.
Motherboard examined a collection of screenshots provided by SEA as evidence of the attack that report data stolen from the dissidents’ email accounts, including the Idris’s passport and the names of SSG collaborators in Syria.
The SEA member Th3 Pr0 told Motherboard that the group is aware about the plan to subvert the regime, despite no data appears to be related to military secrets.
But SEA confirmed to have access to the victim’s accounts for a long time. The news of hacking operation against dissidents in Syria is not a novelty. In February, security firm FireEye revealed that hackers tapped into Syrian opposition’s computers and have stolen gigabytes of secret communications and battlefield plans.
The hackers infected the machines of Syrian opposition with malware during flirtatious Skype chats. The hackers targeted several exponents of the Syrian Opposition located in Syria, including armed opposition members, humanitarian aid workers, and media activists.
Security Affairs: http://bit.ly/1cyy5Sz

« Russia's Cyber Attacks Grow More Brazen
INTERPOL Targets Cybercrime in Asia »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Roka Security

Roka Security

Roka Security is a boutique security firm specializing in full-scale network protection, defending against advanced attacks, and rapid response to security incidents.

Cimcor

Cimcor

Cimcor’s flagship software product, CimTrak, helps organizations to monitor and protect a wide range of physical, network and virtual IT assets in real-time.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

DreamIt Ventures

DreamIt Ventures

DreamIt Ventures is an early stage venture fund that accelerates startups building transformative tech products in the fields of Healthtech, Securetech, and Urbantech.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Incopro

Incopro

Incopro is an online IP and brand protection software provider that arms brand owners with actionable intelligence to combat online and offline intellectual property and copyright infringements.

MassMutual Ventures

MassMutual Ventures

Mass Mutual ventures backs companies building category-defining businesses in markets including enterprise software, digital health, cybersecurity, and fintech.

WolfSSL

WolfSSL

wolfSSL is an embedded SSL/TLS library providing secure communication for IoT, smart grid, connected home, routers, applications, games, phones, and more.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

CERT.JE

CERT.JE

CERT.JE is responsible for promoting and improving the cyber resilience across the critical national infrastructure, business communities and citizens in Jersey.

e-Xpert Solutions

e-Xpert Solutions

e-Xpert Solutions is a company specialized in the Information Security field since 2001. Our skills are strong technical expertise and the development of tailor-made solutions.

PointWire

PointWire

PointWire offers a range of cybersecurity solutions and services including Penetration Testing on various levels, as well as Intrusion Detection and Prevention Systems.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

DynTek

DynTek

DynTek delivers exceptional, cost-effective professional IT consulting services, end-to-end IT solutions and managed IT services.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.