The Syrian Electronic Army has hijacked the official Facebook and several Twitter accounts of the New York Post.
The compromised Twitter accounts are the ones of the New York Post (@newyorkpost), from which all tweets have been removed except one urging users to follow @nypost, Brian Lewis (@NYPost_Lewis), Paul Swartz (@NYPost_Schwartz), Mike Puma (@NYPost_Mets) and NY Post Business (@nypostbiz).
From the hijacked accounts, the Syrian Electronic Army posted “Syrian Electronic Army was here” messages.
Currently, all accounts, except for @newyorkpost, appear to have been recovered and are working properly.
However, the New York Post hasn’t made any statements regarding the incident.
The only one who mentioned the hack is Brian Lewis who tweeted: “Working on fixing this.”
The hackers haven’t revealed why they’ve targeted the New York Post. However, judging by past attacks, it’s possible that the media organization published something about Syria that the hackers didn’t like.
So how did the hackers manage to take over the social media accounts? They did it by breaching the systems of social media optimization platform SocialFlow.
“Update: today an employee's email account was compromised in a phishing attack. As a result, our Twitter and FB accounts were compromised,” SocialFlow representatives stated.
“No customer access or data was compromised in this attack. As part of our security controls, we immediately took our service offline,” they added.
“We are following our security protocols to restore service and are communicating with customers directly.”
After the statement was published, the Syrian Electronic Army told the company “not to lie to its customers.”
“Your main website and blog was hacked too,” the hackers said.