The Syrian Electronic Army Was Hacked This Week Too

The Syrian Electronic Army has been busy this past week; you probably saw the notorious hacker group in the news after they hacked into Microsoft company accounts. But what you might not have seen is that, meanwhile, another hacker group apparently gave them a taste of their own medicine and defaced the SEA’s own website.

Computer security expert Graham Cluley reported the hack against the SEA's website on his blog on Wednesday, the same day that Microsoft confirmed some of its employees had indeed had their Outlook email accounts hacked by the SEA. The hacker group had posted images of emails they accessed on their Twitter feed several days prior. The move followed a previous attack against Microsoft on New Year’s Day, when the SEA gained access to the company’s blog and Skype’s Twitter feed.

As media attention was still on the Microsoft attack, however, their own website was reportedly defaced by another group, which identified itself as the Turkish hacking collective TurkGuvenligi. Cluley wrote that the group posted the following message on the SEA site:

You imbecils will attack our country with fake phishing emails and we’ll accept your lies and dont do anything ? That is the end you deserve:

“And never think that Allah is unaware of what the wrongdoers do. He only delays them for a Day when eyes will stare [in horror].” Ibráhím – 42

The Syrian Electronic Army has hacked Turkish government systems using phishing emails in the past, such as last June when staff accounts in Prime Minister Tayyip Erdogan’s office were compromised. But it’s not often the SEA sees retaliation in kind. As Cluley said, “Well, it looks like the shoe is on the other foot for once.”

A playground-style war of words—and a perhaps surprising number of smileys—ensued between the two hacking collectives on Twitter, in which the SEA tried to downplay the incident and question the Turkish group’s motivations. They suggested Turkguvenligi were just after attention and that it had taken them months to put their attack together. In response, the Turkguvenligi group mocked the SEA’s trademark phishing tactics and showed off about their own methods (they apparently breached the web-hosting company that supported the SEA site).

@Official_SEA16 yes we dont know phishing ;) we just broke into one of the biggest host company of russia in 2 days. can u imagine it loser?

— Turkguvenligi (@Turkguvenligi) January 14, 2014

Nevertheless, even though their site is down, the Assadist aligned group seems to be back to their old tricks already. On Wednesday they defaced the government websites of 16 Saudi Arabian principalities.

They also warned their assault against Microsoft wasn’t over yet. Earlier this week they told the Verge that the attacks on employee emails were just a distraction: “We are making some distraction for Microsoft employees so we can success in our main mission.”

But while they may be breaching other sites, they still don’t have their own. I’m currently unable to access the SEA website—they tweeted that they were looking for a new hosting company, so it may be a while before the site is back up. What does an infamous hacking collective do when they find themselves sans domain? Set up a new Facebook page, of course.