How Syrian Electronic Army Hacked Email Accounts of Assad’s Opponents

Uploaded on 2015-04-21 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Syrian-Electronic-Army-Declares-War-on-Twitter-After-Hackers-Accounts-Are-Suspended-372637-2.jpg

On November 19, 2013, Dan Layman received a disconcerting email from a fake address admin@fbi-useless.gov.

The culprit is the Syrian Electronic Army (SEA), the popular group of hackers aligned with Syrian President Bashar al-Assad, which in the past has hacked high-profile targets including Microsoft, eBay and PayPal.
The SEA claims to have also hacked into the email accounts of Louay Sakka, founder of the SSG; Mazen Asbahi, the former president of the SSG; and Oubai Shahbandar, a former Pentagon analyst and an advisor to the Syrian Opposition Coalition.
The motive is the cyber espionage, the members of SEA launched the campaign at the end of 2013 but there was no news about the operation until now. SEA conducted targeted spear phishing attacks against a number of high-profile people in the Syrian opposition, including Salim Idris, the chief of staff of the Supreme Military Council (SMC) of the Free Syrian Army.
The SEA confirmed have hacked seven high-profile people and offered to Motherboard the proof of the attack, but security experts speculate that many other individuals fell victim of the operation.
The SEA has stolen from the victims any information related activities against the government of Syrian President Bashar al-Assad.
According to the revelation of a SEA member, the Layman email account was simply hacked through brute force attack that revealed the use of “easy and weak” passwords made by the political exponent. The SEA tried to compromise the Layman’s network of contacts by controlling the Layman’s email account. Among the targets are members of the Free Syrian Army and of the Syrian Support Group.
Motherboard examined a collection of screenshots provided by SEA as evidence of the attack that report data stolen from the dissidents’ email accounts, including the Idris’s passport and the names of SSG collaborators in Syria.
The SEA member Th3 Pr0 told Motherboard that the group is aware about the plan to subvert the regime, despite no data appears to be related to military secrets.
But SEA confirmed to have access to the victim’s accounts for a long time. The news of hacking operation against dissidents in Syria is not a novelty. In February, security firm FireEye revealed that hackers tapped into Syrian opposition’s computers and have stolen gigabytes of secret communications and battlefield plans.
The hackers infected the machines of Syrian opposition with malware during flirtatious Skype chats. The hackers targeted several exponents of the Syrian Opposition located in Syria, including armed opposition members, humanitarian aid workers, and media activists.
Security Affairs: http://bit.ly/1cyy5Sz

« Russia's Cyber Attacks Grow More Brazen
INTERPOL Targets Cybercrime in Asia »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Interpol

Interpol

Interpol is the world’s largest international police organization. It is committed to the global fight against cybercrime, as well as tackling cyber-enabled crimes.

HUB International

HUB International

HUB is one of the largest insurance brokers in the world. HUB Risk Services provides the full range of expert consulting to identify risks, reduce exposure to loss and manage claims issues.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

AttackIQ

AttackIQ

AttackIQ delivers continuous validation of your enterprise security program so you can strengthen your security posture and your response capabilities.

Fortiphyd Logic

Fortiphyd Logic

Fortiphyd Logic equips operators of the power grid, oil & gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks.

Airtel Secure

Airtel Secure

Airtel Secure’s multi-layered, full service cybersecurity offerings are designed to safeguard enterprises against threats of various kinds and origins.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

IPKeys Cyber Partners

IPKeys Cyber Partners

IPKeys Cyber Partners, together with the IPKeys Power Partners unit, provide Cyber Security and CIP Compliance for utilities, grid operators and public safety organization across the USA.

Tenable

Tenable

Organizations around the world rely on Tenable to help them understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond.

Onwardly

Onwardly

For everyday folks tasked with implementing security and privacy. Do it faster with Onwardly - build, launch and scale your cyber resilience program in 30 minutes per week.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.

DYOPATH

DYOPATH

At DYOPATH we work with the single purpose of helping our clients combat the ongoing increase of cyber threats, the growth in more complex IT environments, and ever-increasing human capital shortages.

Night Lion Security

Night Lion Security

Night Lion Security provides discreet and bespoke investigation and incident response recovery services.