So how does the Syrian Electronic Army do it? The latest victims of the group’s social-media hacking ways, per a report on computerworlduk.com, were the New York Post‘s Facebook page, several individual newspaper reporter Twitter feeds and the Facebook/Twitter pages of social media management company SocialFlow.
Order at both ends has been restored after the Tuesday breaches; the connection here is that the Post uses SocialFlow’s dashboard to manage its accounts. Computer security expert Graham Cluley suggests that the Army relied on their same old tricks:
Chances are that Post and SocialFlow fell victim to the Syrian Electronic Army via the group’s normal method of attack – emailing staff at one media organization with a forged “sent” address in the email header, linking to what claims to be a breaking news story that the recipient should check out. Clicking on the link then takes users to a phishing site where passwords are stolen.
SocialFlow has acknowledged the event on its Twitter feed, while the Post at press time had not. The message the Army posted on Post baseball writer Mike Puma‘s Twitter page and elsewhere read: “Syrian Army Was Here Via @Official_SEA16 #SEA.”
- Daily News Publishes Daily News Exclusive
- On His 67th Birthday, Kareem Abdul-Jabbar Starts New Gig: Los Angeles Register Columnist
- Texas Monthly to Sue NY Times
- Daily News and Post are Enjoying the Sharpton Informant Story