The Syrian Electronic Army is a contentious group of hackers who target people who they believe to be adversaries of the Syrian government.
You may recall that earlier this Summer the SEA successfully kicked the New York Times homepage offline by redirecting the nytimes.com DNS records to its own web address.
Well the malicious group of hackers struck again and this time they upped the stakes by hacking both the Twitter and Facebook accounts of U.S. President Barack Obama.
About an hour ago, Sam Stein, White House Correspondent for the Huffington Post, tweeted the following message:
For several minutes, links using http://ofa.bo redirected to a violent, 23:56 minute Youtube video which showed the bedlam in Syria. ofa.bo is the URL shorterner service used by BarackObama.com. Messaging services such as Twitter use such link shorteners to help keep tweets within the strictures of 140 characters.
A little over an hour ago, the SEA emailed the editors of Mashable.com explaining that they hacked the President’s social accounts by modifying links posted to Mr Obama’s feeds.
Here’s a screenshot of one link the SEA mangled today:
The SEA claims it did this by gaining access to Suzanne Snurpus’s Google Apps email account.
Snurpus is one of the admins with rights to manage BarackObama.com. One compromised, the Syrian Electronic Army had carte blanche access to the site Control Panel.
In a grand act of hubris, the group snapped a screenshot of Snurpus’ hacked Google inbox and sent out the tweet below:
Regarding the incident, Snurpus commented to Quartz.com
We’ve taken measures to correct it. And we’ve all changed our passwords and added an extra layer of login security.
Currently all the broken links have been fixed – but this is a big issue.
Think about it: in today’s debacle the President and his administration didn’t completely suffer but could you imagine if this was a more egregious crime? Can you fathom the ramifications of hacking President Obama’s twitter handle: @BarackObama?
Today the SEA just fiddled with some links but can you think of the melee that would have ensued if all 39 million Barack followers saw a terrifying politically charged tweet from his compromised twitter handle?
Snurpus says she’s taken “measures to correct” the problem; however, why are those measures being taken after the fact? Someone in her position should already be using two-factor authentication! I think the administrators of BarakObama.com should be chagrined and hopefully will learn from this mistake.
This is nuts.