The Syrian Electronic Army, a hacker group working in support of embattled Syrian President Bashar al-Assad, today began livetweeting evidence of its apparent attacks on multiple Web properties affiliated with President Barack Obama. This included a more-or-less defunct donation site and Obama’s official Twitter and Facebook accounts.
The initial target was campaign page donate.barackobama.com, which was long ago superseded by contribute.barackobama.com. It temporarily redirected users to the URL sea.sy/indexs, which displayed the message “Hacked by SEA.” That breach was resolved by 8:15pm Sunday, but there was more to follow:
We accessed many Obama campaign emails accounts to assess his terrorism capabilities. They are quite high #SEA pic.twitter.com/ARgGLX8IjN
— SyrianElectronicArmy (@Official_SEA16) October 28, 2013
We are watching you, Obama Bin Laden #SEA #SyrianElectronicArmy pic.twitter.com/N0M7cGIOwq
— SyrianElectronicArmy (@Official_SEA16) October 28, 2013
Aside from the website and emails of Organizing for Action, a grassroots nonprofit campaign organization, Obama’s Facebook page and Twitter account, both maintained by the same group, were also compromised, a staffer confirmed. For a time, the links posted on each allegedly redirected to violent YouTube clips or other SEA videos. Others were simply blocked.
Thanks to our operation, Twitter now blocks Obama’s dangerous propaganda links. #SEA pic.twitter.com/6V8g0j5jzL
— SyrianElectronicArmy (@Official_SEA16) October 28, 2013
Tweet says it’s linking to WaPo, but actually links to a Syrian revolution vid on YouTube https://t.co/hfB280WxSt pic.twitter.com/6BZcGtasVY
— Mike Hayes (@michaelhayes) October 28, 2013
A plausible explanation for how they achieved this points to Short Switch, a URL shortener used by Organizing for Action, whose own website appeared in one of the SEA’s screenshots, along with a jab about delinquent bill payments:
Obama spent so much money ravaging #Syria with terror, he can’t even pay his bills pic.twitter.com/dMEj8uFGGI
— SyrianElectronicArmy (@Official_SEA16) October 28, 2013
The Obama Twitter/Facebook hack probably involves this URL shortener. Reset password to phished email account, done https://t.co/7FCe5jasMH
— ╄╄ GONE ╄ HERRMAN ╄╄ (@jwherrman) October 28, 2013
When asked if this was their method, the SEA confirmed: “Yes, true, and that was through hacking @barackobama.com emails and accounts.” Calls placed to both Short Switch and its parent company, Eye Street Research, led nowhere, with automated systems informing us that no representatives were available to answer questions.
Meanwhile, the fishy links seem to have been fixed, and Organizing for Action is tightening security with Google’s two-step authentication. But as Suzanne Snurpus, the staffer who confirmed the hack, told Quartz, we still don’t know exactly what data the SEA were able to secure—or what further damage they might have done.
In the past few months, the SEA has gone after numerous publications that it felt portrayed al-Assad in a negative light. Fox TV, the New York Times, the Associated Press, the Guardian, CBS, and even the Daily Dot have been targets.
Photo via Assadi313