Tweet This

08.13.13

Syrian Electronic Army Strikes Again, Hits SocialFlow, New York Post

You might want to change your Twitter password. On Tuesday, the Syrian Electronic Army hacked Twitter accounts belonging to SocialFlow and the New York Post, writes Brian Ries.

It seems no one’s safe from the Syrian Electronic Army. The online activists claimed credit on Tuesday for hacking the Facebook page of the New York Post and the Twitter feeds of some of the paper’s reporters. It also hacked into the Facebook page, Twitter account, and blog of SocialFlow, a social media optimization service used by scores of media outlets, including The Daily Beast, to manage their Twitter and Facebook pages.

The first hint that something was wrong came when SocialFlow’s own Twitter feed starting sounding funky. Its usual trickle of dry marketing-speak ("Are influencers actually that important to your social media strategy?"), suddenly changed tone at 3 p.m.

130813-twitter-hack-ries-1

"Syrian Electronic Army Was Here," read the tweet, which also mentioned a Twitter account belonging to the hackers, along with the hashtags #SEA and #SyrianElectronicArmy. A second tweet appeared shortly thereafter: "Fuck you @twitter," it read, with a ":P" emoticon (that’s a guy sticking his tongue out, for all you non-emoticon users out there), and a picture of Twitter's "fail whale."

Moments later, similar tweets appeared on the Twitter accounts of the New York Post's business section, the New York Mets beat reporter Mike Puma, the New York Post's Brian Lewis, Page Six's Richard Johnson, and the Washington Post's sports columnist Jason Reid—all five of which appeared to be posted via HootSuite, a competitor to SocialFlow.

The New York Post's Facebook page, too, was a victim of the hack, with the message, "Syrian Electronic Army Was Here" appearing on the page (which quickly got 4 "likes" and 7 "comments"). The Twitter account associated with the Syrian Electronic Army claimed this as one of theirs, too, posting a screenshot of the view from within the Post's SocialFlow dashboard—indicating they had somehow a hold of that user-password data as well.

Twitter users, myself included, quickly spotlighted the rapid series of attacks—which were particularly frightening because of the scope of major media accounts that are managed by SocialFlow.

The company, reacting quickly to secure its clients' accounts, pulled the plug. Its website was inaccessible for much of the hour after the first tweet.

But without initial communication from SocialFlow, which, admittedly, had its hands full, many in the media who use the service were left to wonder if more hacks were on the horizon.

".@SocialFlow was hacked. Is your social client safe?!" wondered Mia Aquino, social media lead at This Is Fusion, a digital marketing company.

"Unhelpfully, @SocialFlow doesn't mention a thing about user accounts currently being compromised," added Circa's Anthony De Rosa.

"Have asked for info and haven't heard," added The Guardian's Katie Rogers.

When initially reached by The Daily Beast through its support services, the company apologized for the hack and said it was "working to bring all systems back online as quickly as possible."

SocialFlow later issued a statement from its Twitter account explaining how it was compromised by the Syrian Electronic Army.

"Update: today an employee's email account was compromised in a phishing attack. As a result, our Twitter and [Facebook] accounts were compromised. No customer access or data was compromised in this attack. As part of our security controls, we immediately took our service offline. We are following security protocols to restore service and are communicating with customers directly."

Mike Puma, the New York Post Mets writer, after regaining control of his account also reacted to the hack. "Going to try and get the Syrian Electronic Army to write my story tonight so I can stay poolside," he tweeted. "Changing my password."

Jason Reid, a sports columnist for the Post, cleared things up too. "Got hacked," he wrote. "Sorry."

The group, which has hacked a variety of major Twitter accounts in the past ranging from the Associated Press to The Onion, has used the tactic to punish media outlets it says is critical of Syrian President Bashar al-Assad. In a New York Times interview following the AP hack, a hacker with the handle Th3 Pr0 said it was "because the Syrian Electronic Army believed the United States was 'supporting the terrorist groups in Syria'."

In an interview, SocialFlow CEO Jim Anderson said he sees the attack as a “sign of the times that highlights the importance of everybody being vigilant about email security.” Anderson says being aware of hacking threats is “part of being on the Internet and a tech professional in 2013.”

Nearly two hours after the initial hack on Tuesday, the Twitter account associated with the hackers remained on the site, proudly tweeting a link to a tech site documenting its exploits.

Update: An earlier version of this story erroneously described the group as anti-Bashar al-Assad. They are in fact pro-Assad.