Syrian hackers target White House staffers, Reuters
Posted on 30 July 2013.
The Syrian Electronic Army has been busy over the last few days, and has managed both to hijack the official Reuters Twitter account and to compromise personal email accounts of a number of White House staffers.

According to BuzzFeed, the @thomsonreuters was compromised earlier today and was updated with half a dozen tweets containing political cartoons commenting on the situation in Syria.

The tweet string ended with an image of the hacker group logo, and a message from the group claiming credit for the hack:


Reuters and Twitter reacted nearly an hour later, and the compromised Twitter account was temporarily suspended. It is now back online, and the offending tweets have naturally been deleted.

The hacker group has boasted about the attack, but has not shared information on how they managed to pull it off. More likely than not, they have sent a phishing mail to one of Reuters' employees that was responsible for updating the organization's Twitter account.

Three White House staffers have fallen for that particular scheme over the weekend, and have had their personal Gmail accounts compromised. The hackers then used them to send phishing emails to their colleagues.

According to Nextgov, the initial phishing emails contained links labeled to look like legitimate BBC or CNN articles. But, once the victims clicked on them, they led to a spoofed Gmail or Twitter login screen, making them think that they were required to log into their accounts in order to peruse the articles.

Apart from becoming a staging point for other phishing attacks, the compromised email accounts are also likely to yield some sensitive government-related information - despite the fact that it is illegal for White House staffers to use personal email accounts for business communications.

Compromised Twitter accounts are helpful for spreading false information, as evidenced by the April incident when the hijacked Twitter account of the Associated Press ran the "news" that there had been two explosions in the White House and that U.S. President Barack Obama had been injured.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //