The hacker group calling itself the Syrian Electronic Army (SEA) broke into the customer support website for Viber, an instant messaging and Voice-over-Internet-Protocol (VoIP) application available for both mobile and desktop operating systems.
The Viber support website was defaced Tuesday and was modified to display the SEA logo and a message telling visitors that “the Israeli-based ‘Viber’ is spying and tracking you.” As publication, the site's main page appears to be back online and functioning.
“The Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack,” a Viber Media spokesman said Wednesday via email. “The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.”
The information accessed by the attackers included information needed for customer support like when a user registered, where they registered from and what type of device they use, he said.
Viber’s databases were not hacked and sensitive user data like message contents or address books was not exposed, the Viber representative said. This information is stored in a “secure system that cannot be accessed through this type of attack” and is not part of the support system. Viber is based in Cyprus and has development centers in Belarus and Israel, he said.
The Syrian Electronic Army gave a somewhat different description of the attack, saying in an email message that it managed to access four systems, one for customer support and others used “for managing accounts.”
“We dumped and downloaded the databases of the hacked systems,” the group said. “We will tell more in the right time.”
A run of attacks
This attack comes after SEA announced Friday that it broke into the website and database of Tango, a different VoIP application. The group claimed that it downloaded the phone numbers, email addresses and contacts of millions of Tango users.
TangoME, the company the develops Tango, acknowledged the intrusion Saturday on Twitter and said that the security breach resulted in unauthorized access to some data.
Before the Tango hack, the SEA broke into the systems of Truecaller, a global phone directory service.
It’s not clear why the hacker group is targeting mobile VoIP apps and related services.
“Like Tango and Truecaller, Viber was targeted in order to obtain the important data that is stored in their databases,” the Syrian Electronic Army said via email. However, it didn’t clarify why it considers this data important and how it plans to use it, except for saying that it will not leak it publicly.
SEA is publicly supportive of Syrian President Bashar al-Assad and his government. In recent months the group has targeted several different media organizations including the Financial Times, the Associated Press, The Guardian, BBC, and Al Jazeera, breaking into their websites or Twitter accounts.
On Monday the group broke into the administration panel of The Daily Dot news website after the organization did not comply with the hacker group’s request to remove a caricature of Syrian President Bashar al-Assad from one of its articles.