This story is over 5 years old
News by VICE

Syrian Hackers Hijack IDF Twitter Sparking Fears of Nuclear Leak

In the second time in a week, the Syrian Electronic Army attacked IDF social media, tweeting out a warning of a nuclear facility attack.

by Kayla Ruble
Jul 7 2014, 9:30pm

Image via AP/Sebastian Scheiner

A Syrian hacker group hijacked a Twitter account for the Israel Defense Forces (IDF) on Thursday night to broadcast false news about a rocket attack and leak at a nuclear facility.

For the second time in less than a week, the Syrian Electronic Army (SEA) attacked IDF social media by hacking their spokesperson's Twitter account and wrote: "Possible nuclear leak in the region after 2 rockets hit Dimona nuclear facility."

While the IDF promptly deleted the tweet, the SEA reposted a screenshot for its followers.

The message from the group which supports Syrian President Bashar al-Assad was posted after a day of rocket fire out of Gaza into southern Israel.

Tensions and airstrikes between Israel and Gaza have increased over the last week since the dead bodies of three missing Israeli teens were found on June 30, and a 16-year-old Palestinian boy was reportedly murdered in retaliation.

Six arrested in murder of Palestinian teen. Read more here.

After deleting the tweet, the IDF responded on the social media network by saying: "We apologize for the incorrect tweets. Our twitter account was compromised. We will combat terror on all fronts including the cyber dimension."

According to the Jerusalem Post, an IDF spokeswoman confirmed the account was “compromised,” adding that they were “dealing with the issue.”

The media-savvy SEA, which has been on the hacking scene for more than three years, took to its own Twitter account to admit its role in the incident in a tweet that read: “The whole 'Israeli army' propaganda was hacked by the Syrian Electronic Army."

In a separate incident on June 28, the hackers took control of the official IDF blog, adding links that took people to the Syrian Electronic Army’s own website.

Dan Clements, president of the research firm IntelCrawler that released a report in March about SEA, told VICE News that it wasn’t clear why SEA chose to attack the IDF, but the move is "consistent with their M.O.” He added that “the timing is really interesting with what’s going on in Palestine.”

According to Clements, the SEA's mission is usually deeper than just making a political statement on Twitter.

'It looks like hacktivism, but it’s much more than that.'

“You’re looking at one hand, and you’re not exactly sure what the other hand is doing,” Clements said. He said the group is typically looking for contacts or information to aid Assad’s regime, especially from the standpoint of military and defense. In the past they’ve targeted military and political officials in countries like the US, Turkey, and Qatar.

The SEA, run by approximately eight technical leaders, first came to public attention in July 2011 when they hacked into the UCLA website.

Another high-profile incident occurred in April 2013 when the group posted a message on the Associated Press Twitter account reading: "Breaking: Two Explosions in the White House and Barack Obama is injured." This led to a flash crash in the stock market as the Dow immediately dropped 70 points.

“It looks like hacktivism, but it’s much more than that,” Clements said, explaining that the group is interested in changing the landscape to promote their cause, while effecting economic, social, and Islamic causes.

While the group has said it is not directly affiliated with the Syrian government, they received a welcomed nod from Assad in a speech on June 20, 2011.

“Young people have an important role to play at this stage, because they have proven themselves to be an active power. There is the electronic army which has been a real army in virtual reality,” Assad reportedly said.

Iranian hackers use a fake news organization to target thousands. Read more here.

According to an Atlantic report in 2011, a domain name for the army was created in May of that year and registered by the Syrian Computer Society, which Assad coincidentally led in 1995 prior to becoming president. The group has had multiple websites since then.

Facebook, Twitter, and Google Plus profiles can be found with SEA members publicizing their “employment” or activities with the group.

According to Clements, the Syrian Electronic Army had actually been quiet in recent months. Interestingly, the IDF attacks have represented a bit of a reemergence for the group.

Clements said IntelCrawler monitors the SEA in underground internet channels, but there hasn’t been any indication as to what the group might be plotting. However, he said that this could be their way of reminding people they are still around

“They were dormant for a while, they might be reengaging, this could be the beginning,” he said.

Violent reprisals begin after Israel finds bodies of three missing teens. Read more here.

Follow Kayla Ruble on Twitter: @RubleKB

war and conflict
Syrian Electronic Army
dan clements
Associated Press
President Barack Obama
flash crash