14 DAY TRIAL // The Syrian Electronic Army has breached the official website of Viber, the popular cross-platform instant messaging service.
The hackers have defaced the Viber support page (support.viber.com). In addition, they claim they’ve downloaded some databases.
“After we gain access to some systems of that app, it was clear for us that the purpose of this app is spying and tracking of its users,” the Syrian Electronic Army wrote on its website.
To demonstrate that they’ve gained access to Viber’s systems, the hackers have published several screenshots showing data records stolen from the company. Furthermore, on the defacement page, they have listed the names, phone numbers and email addresses of Viber administrators.
Currently, the support.viber.com website has been taken offline. The hackers have told E Hacking News that they still have access to the company’s systems.
Viber representatives have told TechCrunch that the hackers have indeed breached two of their minor systems. However, they claim that no sensitive information has been stolen.
“It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not 'hacked'. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system,” Viber stated.
Viber is the third company targeted by the Syrian Electronic Army over the past week. First, they have hacked the systems of global phone directory Truecaller.
Later, they took aim at the information stored in the databases of the mobile messaging service Tango. The data taken from Tango’s systems has been allegedly handed over to the Syrian government.
In the meantime, the pro-Assad hacktivists have breached the systems of The Daily Dot. The attack came after the publication posted a caricature of the Syrian president next to an article about the Syrian Electronic Army.
According to The Daily Dot, the hackers have managed to gain access to the publication’s content management system and a couple of staff email addresses. They posed as one of the news site’s contributors and sent out spear phishing emails designed to trick recipients into handing over their Google credentials.
The Daily Dot staff was warned that it might receive such emails, but it appears that not everyone took the warning seriously.