Syrian Electronic Army phishes White House staffers

The SEA took a break from its usual M.O. of targeting news organizations and tried to hack the White House instead.


Tim Sampson

Internet Culture

Published Jul 31, 2013   Updated Jun 1, 2021, 10:18 am CDT

After taking on purveyors of real news and fake news, the Syrian Electronic Army has evidently turned its focus to the White House.

Featured Video Hide

The SEA took to Twitter earlier this week to take credit for a semi-successful phishing attack against White House staffers. Members of the hacking group were successful in compromising the email accounts of three staffers, but the official White House social media passwords they obtained were already outdated. 

Advertisement Hide

Dh4MZn6ZclWJ57n, O,#5+4m)PR4d-k[, 6^31<=l’5;g#.-4/;=!&1>Y/C, All are old passwords for the @whitehouse account, You were lucky this time.

— SyrianElectronicArmy (@Official_SEA12) July 30, 2013

The SEA also posted an apparent password for the White House’s HootSuite account, used to manage the administration’s Twitter presence.

White House(@whitehouse) #Hoosuite account | [email protected] Old-Password: Password12 #SEA #Syria

— SyrianElectronicArmy (@Official_SEA12) July 30, 2013

According to Matthew Keys at the Desk, SEA hackers successfully phished the accounts of Erin Lindsay, Macon Phillips and Adam Garber. All three are members of the Obama administration’s office of digital strategy. The SEA tweeted a screen grab claiming to show a message forwarded from Lindsay’s White House email account to her personal Gmail account in order to prove the success of their phishing tactics. 

Advertisement Hide

The message contained passwords that members of the SEA hoped would give them access to official White House Twitter and Facebook pages, but because these accounts change their passwords practically every day for security reasons, the hackers were unable to seize control of the accounts.

The White House did not reply to the Daily Dot’s request for comment, referring all media inquiries to the FBI, which is leading the investigation. 

According to PC Magazine, the hackers secured these passwords by sending emails to White House staffers that included links to apparent news stories from CNN or the BBC. After clicking these links, however, the users were asked to sign in via Gmail or Twitter to read them. Several of the staffers evidently fell for the trap and entered their passwords, compromising their own accounts. 

In addition to the White House’s constantly changing passwords, an unnamed White House staffer quickly took note of the phishing scheme and raise the alarm. 

The SEA is a supporter of the embattled Syrian leader Bashar al-Assad, but claims no official connection to any government. The group has hacked a number of high profile media sites in recent months, including NPR, Thomson Reuters, the Onion, and even the Daily Dot itself.

Advertisement Hide

Image via Syrian Electronic Army/Twitter

Share this article
*First Published: Jul 31, 2013, 2:07 pm CDT