Syrian Electronic Army Hacks White House Employees
The Syrian Electronic Army allegedly hacked at least three White House employees in a campaign against the team responsible for the Obama administration’s social media outreach, according to NextGov. The hacking movement breached Gmail accounts by sending the staff targeted e-mails containing links to fraudulent websites.
Scammy e-mails looked like legitimate BBC or CNN newsletters, but redirected users to Gmail or Twitter copycats. The White House employees filled in their e-mail and Twitter credentials on the fake web pages where hackers captured them.
“I imagine that the names and email addresses of people at the White House in digital media or anything related to media are easy to find since their job involves public access,” said Jeffrey Carr, cybersecurity analyst at Taia Global, as quoted by NextGov. “A list of targets would be created from open sources and that’s who the phishing email would be delivered to.”
The hacking attack began Sunday night and targeted more than a dozen former or current employees at the White House. This is the first time the Syrian Electronic Army has conducted more serious attacks against enemies of the Assad regime instead of hacking Twitter accounts and media outlets.
Security company FireEye also warned the group is becoming a more serious threat.
“Successful attacks on international communications sites such as TrueCaller, Tango, and Viber could give Syrian intelligence access to the communications of millions of people,” FireEye security experts said. “Such attacks can also put human beings in real danger through espionage, intimidation, and/or arrest.”
Besides instant-messaging and VoIP service Viber and the Associated Press’ Twitter account, the Syrian Electronic Army has successfully targeted Al-Jazeera, the BBC, Daily Telegraph, Financial Times, The Guardian, Human Rights Watch and America’s National Public Radio. The hacking group started its activity in 2011 to defend Syrian President Bashar al-Assad.