- Laura Ingraham mocks Rep. Ilhan Omar’s accent in audio clip Sunday 5:46 PM
- #ExposeChristianSchools goes viral after Karen Pence and Covington Catholic School uproars Sunday 4:37 PM
- People have started laundering money on Fortnite Sunday 3:03 PM
- Cardi B claps back at Tomi Lahren’s sarcastic tweet Sunday 1:25 PM
- Twitter may have exposed Android users’ private tweets Sunday 12:13 PM
- Leave Me Alurn is the ‘SNL’ product we wish existed in real life Sunday 10:06 AM
- How to watch ‘Charmed’ online for free Sunday 9:00 AM
- How to watch Patriots vs. Chiefs online for free Sunday 8:15 AM
- This is the ‘Star Wars’ VR experience you’re looking for Sunday 8:00 AM
- ‘Salt Fat Acid Heat’ takes viewers on a journey through the four building blocks of a great dish Sunday 7:00 AM
- How to tell the deep web from the dark web Sunday 7:00 AM
- How to watch the Saints vs. Rams online for free Sunday 6:15 AM
- How to watch ‘Supergirl’ online for free Sunday 6:00 AM
- How to stream the NFL conference championship games Sunday 5:00 AM
- How to watch Barcelona vs. Leganes online for free Sunday 1:00 AM
Two days after having its accounts compromised, The Onion detailed what went wrong.
While known for sharp and biting satire, The Onion still fell for a simple phishing scam on Monday set by suddenly ubiquitous Syrian Electronic Army (SEA).
The upside: The Onion has described exactly how it happened.
First, the SEA sent a few Onion employees bogus email from a bogus address. Appearing to come from Elizabeth Mpyisi ([email protected]), it emailed Onion employees with an awkward message and a link that seemed to point to a Washington Post article about The Onion:
Dear The Onion Journalists,
Please read the following article for its importance:
Thanks & Regards
But there was no such article at The Washington Post, and that link was actually a dummy. It redirected to a different site the SEA had set up, which asked for users’ login credentials.
And here’s where somebody at The Onion got really careless. The unidentified employee typed in his or her company Google username and password, even though the Associated Press had fallen for the exact same ruse two weeks earlier, which led to an errant tweet that President Obama had been attacked and a brief dip in the Dow Jones Index.
Then, the scheme was on. Now that SEA had an employee’s email, it sent out that exact same message to other Onion employees—this time appearing to come from a coworker. A few more fell for it, and one of those had credentials to The Onion‘s Twitter and Facebook accounts.
The Onion, which didn’t yet have the situation under control, fought back with its main tool, satire, and published a story titled “Syrian Electronic Army Has A Little Fun Before Inevitable Upcoming Deaths At Hands Of Rebels.”
“It’s seems that they lost their minds after the hack,” a member of the SEA told the Daily Dot. The hackers retaliated with lulz, tweeting screengrabs of emails it sent from a compromised account to fellow Onion email addresses, spoofing advice on how to avoid future hacks.
“Limit site traffic to about twenty or thirty visitors per month,” read one. “Call your congressman and have them pressure President Obama to intervene in Syria,” went another.
Eventually, the Onion reset every single employee’s Google password and regained control of their social media arms.
It’s not exactly clear why the SEA chose The Onion as a target, but here’s a guess: The group has loose ties with the Syrian government, which is currently embroiled in a civil war and has been accused of using chemical weapons. And it tends to attack news organizations seen as giving good press to Syrian rebels or bad press to President Bashar al-Assad’s regime. A few days before the hack, The Onion published a story titled “‘Help Has To Be On The Way Now,’ Thinks Syrian Man Currently Being Gassed.”
Illustration by Fernando Alfsonso III
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.