How Syrian Electronic Army Hacked Email Accounts of Assad’s Opponents

Uploaded on 2015-04-21 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Syrian-Electronic-Army-Declares-War-on-Twitter-After-Hackers-Accounts-Are-Suspended-372637-2.jpg

On November 19, 2013, Dan Layman received a disconcerting email from a fake address admin@fbi-useless.gov.

The culprit is the Syrian Electronic Army (SEA), the popular group of hackers aligned with Syrian President Bashar al-Assad, which in the past has hacked high-profile targets including Microsoft, eBay and PayPal.
The SEA claims to have also hacked into the email accounts of Louay Sakka, founder of the SSG; Mazen Asbahi, the former president of the SSG; and Oubai Shahbandar, a former Pentagon analyst and an advisor to the Syrian Opposition Coalition.
The motive is the cyber espionage, the members of SEA launched the campaign at the end of 2013 but there was no news about the operation until now. SEA conducted targeted spear phishing attacks against a number of high-profile people in the Syrian opposition, including Salim Idris, the chief of staff of the Supreme Military Council (SMC) of the Free Syrian Army.
The SEA confirmed have hacked seven high-profile people and offered to Motherboard the proof of the attack, but security experts speculate that many other individuals fell victim of the operation.
The SEA has stolen from the victims any information related activities against the government of Syrian President Bashar al-Assad.
According to the revelation of a SEA member, the Layman email account was simply hacked through brute force attack that revealed the use of “easy and weak” passwords made by the political exponent. The SEA tried to compromise the Layman’s network of contacts by controlling the Layman’s email account. Among the targets are members of the Free Syrian Army and of the Syrian Support Group.
Motherboard examined a collection of screenshots provided by SEA as evidence of the attack that report data stolen from the dissidents’ email accounts, including the Idris’s passport and the names of SSG collaborators in Syria.
The SEA member Th3 Pr0 told Motherboard that the group is aware about the plan to subvert the regime, despite no data appears to be related to military secrets.
But SEA confirmed to have access to the victim’s accounts for a long time. The news of hacking operation against dissidents in Syria is not a novelty. In February, security firm FireEye revealed that hackers tapped into Syrian opposition’s computers and have stolen gigabytes of secret communications and battlefield plans.
The hackers infected the machines of Syrian opposition with malware during flirtatious Skype chats. The hackers targeted several exponents of the Syrian Opposition located in Syria, including armed opposition members, humanitarian aid workers, and media activists.
Security Affairs: http://bit.ly/1cyy5Sz

« Russia's Cyber Attacks Grow More Brazen
INTERPOL Targets Cybercrime in Asia »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Tech Industry Forum (TIF)

Tech Industry Forum (TIF)

Tech Industry Forum is a not-for-profit, membership driven trade body. We bring together end users and some of the UK’s leading cloud, software, platform, infrastructure, and service providers.

Packet Storm

Packet Storm

Packet Storm is an online resource for security tools, whitepapers, exploits, and advisories on computer security issues.

Arxan Technologies

Arxan Technologies

Arxan is a leader of application attack-prevention and self-protection products for Internet of Things (IoT), Mobile, Desktop, and other applications.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

MER Group

MER Group

MER Group is a world-leading solutions provider specializing in Homeland Security (HLS), Cyber and Intelligence, Communication Infrastructure and Tactical Communication Systems.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

ComoNExT Innovation Hub

ComoNExT Innovation Hub

ComoNExT is a Digital Innovation Hub and a startup incubator with a focus on the issues of digital transformation and Industry 4.0.

Darktrace

Darktrace

Darktrace is a global leader in cybersecurity AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption.

Saiflow

Saiflow

SaiFlow provides a tailor-made cybersecurity solution for Electric Vehicles Charging Infrastructure (EVCI), Distributed Energy Resources (DERs) and energy networks and assets.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

CyberSalus

CyberSalus

CyberSalus is a pioneering cyber tech services company dedicated to protecting the digital integrity of healthcare organizations.

Aspiron Search

Aspiron Search

Aspiron Search is a niche-focused Cybersecurity search firm that works exclusively with venture-backed Cybersecurity firms.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.

Exaforce

Exaforce

At Exaforce, we are on a mission to 10× improve the productivity and efficacy of security and operations teams using our transformative multi-model AI engine.