Friday, March 7, 2014

Syrian Electronic Army attacks Forbes.com

The Syrian Electronic Army, the cyber wing of Bashar al-Assad's army, attacked Forbes.com website Friday, compromising user data, defacing webpages and posting a fake story to the site.

In a security message on Forbes.com, a message posted over the weekend from Forbes staff said, "The email address for anyone registered with Forbes.com may have been exposed." The site has temporarily disabled user logins.

The SEA announced the hacking on Twitter on Valentine's Day, posting a story titled "Hacked by the Syrian Electronic Army" under cybersecurity correspondent Andy Greenberg's byline.

The hacking group, whose members are anonymous, claimed in an email sent to and published by the International Business Times that they targeted Forbes because the financial publication's "hate for Syria is very clear and flagrant in their articles."

On Friday, the Twitter account of the SEA had this post: "#Forbes users table (1,071,963 user-email-password) was dumped successfully, Anyone want to buy it?" https://twitter.com/Official_SEA16. And in a later tweet, the SEA warned that it was planning to publish a database of all Forbes users as soon as it could find "a secure host" on which to upload it.

The hackers also defaced a number of other pages on the site, and they hijacked the Twitter accounts @ForbesTech, @TheAlexKnapp and @Samsharf, according to published reports by IBT, tech news website CNET and Romensko, a media news website.

Alex Knapp is the social media manager for the Forbes site, and two published reports claimed the site had been accessed through his Twitter account. Samantha Sharf is a personal finance/markets reporter for the magazine.

The Forbes security message also warns users to "be wary of emails that purport to come from Forbes, as the list of email addresses may be used in phishing attacks." Phishing attacks are mounted, using fake emails that appear to be from legitimate companies or institutions and asking for personal information such as passwords and! credit card information.

Top 5 Gold Stocks For 2015

It went to "strongly encourage" users to change their passwords once it makes sign-on available again.

"We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach."

A media inquiry for more details about the hacking incident was not immediately returned.

No comments:

Post a Comment