The Guardian becomes hacker army's latest media victim

Guardian Twitter feeds have become the latest social media hack victims of the Syrian Electronic Army

"Follow the Syrian Electronic Army... Follow the truth! @Official_SEA12 #SEA #Syria” was one not-so-subtle clue as to the attackers’ identities, posted via the paper’s @GuardianSustBiz and @BusinessDesk accounts yesterday.

“The hackers have been making a habit of breaking into high profile Twitter accounts in recent weeks - their attack on AP's Twitter account where they posted fake news of an explosion at the White House, actually managed to cause a drop in the Dow Jones,” noted Sophos Security’s Graham Cluley. The SEA also has recently hit BBC, NPR, CBS, Al-Jazeera and FIFA.

As many as 11 accounts belonging to The Guardian were hijacked – and “although some have been recovered, others appear to either still be harboring the unauthorized tweets or to have been suspended by Twitter security,” Cluley said.

The SEA is likely becoming successful in its account overtaking thanks to phishing emails, Cluley pointed out.

“For instance, if the attackers were to send a convincing looking email to a news agency, claiming to be a link to a breaking news story, recipients might be fooled into clicking on it and being tricked into entering their Twitter account details,” he said.

Most media organizations allow, if not demand, that a wide range of staff update their official Twitter accounts, so it only requires one worker to be fooled by an attack for the account password to fall into the wrong hands.

James Ball, a journalist at The Guardian, said that he ran across what seemed to be smart social engineering mails. Over the weekend he first noticed things awry: “Hm. Phishing attack specifically targeted at Guardian journalists in my inbox right now. SEA at work again?” he tweeted. He added a couple of days later, “The guys doing the Guardian phishing attack I mentioned yesterday (it's SEA) are really very good: sustained, changing, mails today.”

Cluley had common sense advice: “Make sure that the staff in your company are on the lookout for suspicious emails, and are clued-up about safe password usage to reduce the chances of being phished.”

The Guardian becomes hacker army's latest media victim

You may also like

All kidding aside, the Syrian Electronic Army hacks The Onion

Syrian Electronic Army hacks NPR

CBS News confirms hack of Twitter feeds

In the wake of hacks, Twitter issues security advice to media

Industry-wide web email attacks spreading

What’s hot on Infosecurity Magazine?

Alarming Decline in Cybersecurity Job Postings in the US

CrushFTP File Transfer Vulnerability Lets Attackers Download System Files

MITRE Reveals Ivanti Breach By Nation State Actor

How to Backup and Restore Database in SQL Server

Russia's Sandworm Upgraded to APT44 by Google's Mandiant

Massive Brute-Force Attack on Alibaba Affects Millions

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

US Government and OpenSSF Partner on New SBOM Management Tool

NIST Unveils New Consortium to Operate National Vulnerability Database

EU Elections: Pro-Russian Propaganda Exploits Meta's Failure to Moderate Political Ads

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Untangling the Web: Navigating Third-Party Risk in a Hyperconnected World

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024