Microsoft hacked by Syrian Electronic Army for second time in 2014

Microsoft hacked by the Syrian Electronic Army for a second time in 2014, MSFTNews Twitter account hijacked, sends out SEA messages.

Again Syrian Electronic Army, the popular group of Hackers this time hacked the Microsoft News Twitter account — @MSFTNews. The Syrian Electronic Army (SEA) has compromised early 2014 the Skype‘s Twitter account and blog to protest against the support provided to the NSA surveillance program.

Microsoft has immediately removed the tweets, it took about an hour to delete the evidences of the attack, but Syrian Electronic Army in that interval of time tweeted a series of messages that is possible to read in the below snapshots.

The first message was a retweet from the SEA official account used in the last attack against Skype @Official_SEA16:

“Don’t use Microsoft emails (hotmail,outlook), They are monitoring your accounts and selling the data to the governments.”

The same message was also sent with the hacked @MSFTNews account, meanwhile a successive tweet show the message

“Syrian Electronic Army was here”.

In time I’m writing, there are no news on how the hackers have compromised the Microsoft account, also for the cause of Skype hijack is still a mystery, but it is likely that attackers have attacked a user allowed to manage the  hacked accounts (e.g. via Spear Phishing attack or using any other form of social engineering)

The hack of an official account of a big Enterprise or Media Agency could have serious repercussion, the attacker could use it to make propaganda or worst to spread links to compromised server used to serve a malware.

The attack occurred to Associated Press demonstrated the disastrous effect of misinformation, also is made for a limited interval of time.

Pierluigi Paganini

(Security Affairs –  Syrian Electronic Army, hacking)