Assad Launches Thomson Reuters Twitter Account Hack with Anti-Semitic Cartoons
The latest in a long line of attacks has seen the Syrian Electronic Army take over the Thomson Reuters Twitter feed, posting disturbing, anti-Semitic cartoons on the account.
News publisher Thompsons Reuters follows the likes of the BBC, the Guardian, Associated Press and Human Rights Watch as the latest organisation to have their Twitter feed hacked by the pro-government Syrian Electronic Army.
At 11.33pm (BST) on Sunday evening, the @thomsonsreuters Twitter account was briefly taken over for a period of around 45 minutes, during which time it posted a series of violent and disturbing cartoons relating to the on-going conflict in Syria.
These images, which have been collected online here, were followed by a tweet saying:
"Always via Syrian Electronic Army(@Official_SEA12) #SEA #Syria#SyrianElectronicArmy"
Twitter suspended the account soon after this final tweet and while the account seems to be back online, there has not been an update for over 12 hours now.
Spear phishing
A spokesperson for Thomson Reuters told the Wall Street Journal: "Earlier today @thomsonreuters was hacked. In this time, unauthorized individuals have posted fabricated tweets of which Thomson Reuters is not the source."
The Syrian Electronic Army (SEA) is a group of hackers who are believed to be based outside of Syria but are thought to be backed by the Assad government. They target groups who they believe to report negatively on the activities of the Assad regime.
The hackers within the SEA use a technique known as spear phishing, where they send specifically tailored emails to employees within the groups they are targeting.
Using this technique the hackers are able to access the Twitter password for the accounts like @thomsonreuters which would have a single password shared across multiple users of the account.
Two-factor authentication
In a bid to stop these types of attacks from happening, Twitter introduced a security measure called two-factor authentication in May, which would require a security code to be sent to your mobile phone every time you tried logging onto the account from a new devices (smartphone, laptop, PC, tablet etc).
However, as most of the accounts at news outlets like the Guardian, BBC and indeed IBTimes UK are used by multiple users, the system is not very efficient and in some cases will not have been switched on - which appears to have been the case with Thomson Reuters.
© Copyright IBTimes 2024. All rights reserved.