It has been a week to the dot since the Syrian Electronic Army has last commandeered an unsuspecting Twitter account, this time going after the United Kingdom’s ITV News media company, which owns the UK’s largest TV station. Earlier this evening, half a dozen unusual tweets were sent out via the account, with a couple of them referencing the SEA hacking collective.
The messages were deleted a short while later, followed by a confirmation from ITV News that it had, in fact, been cyberattacked, making it the latest victim in what has been a long and ever-growing list replete with other big-name companies. Until today, The Financial Times was its latest victim, and before that The Guardian, which was hit on April 29.
According to Businessweek, the six tweets included one insulting the French, saying, “Francois Hollande to double aid to rebels, including a complementary French flag with every aid package.” Included in that tweet was an image of a white flag. The tweets eventually pointed towards the SEA as being the source, with one linking to an article said to concern Twitter’s victory over the hacking group. Shortly after that one was another that read: “Just kidding. The Syrian Electronic Army was here.”
The last two tweets perhaps referred to the brief battle between the SEA and Twitter on April 23, with Twitter banning accounts as fast the Syrian Electronic Army could make them. The hackers created at least 6 Twitter accounts that day, with the social network eventually banning each of them.
As we’ve previously noted, humor fake-news website The Onion, which had also fallen victim earlier this year, posted a write up explaining the result of its investigation into the matter. As had been stated by victims before it, the Syrian Electronic Army managed to get the social media account’s credentials after sending out phishing emails to a few employees, with it usually only taking one to fall for it in order for the plan to be successful. As such, media companies are encouraged to teach their workers how to recognize phishing schemes to help prevent such an attack.