Join the Meeting Place for Moms!
Talk to other moms, share advice, and have fun!

(minimum 6 characters)

Current Events & Hot Topics Current Events & Hot Topics

American totally p0wns the Syrian Army

Posted by on Aug. 31, 2013 at 2:41 AM
  • 4 Replies
1 mom liked this

The Syrian Electronic Army, that is.

Wikipedia says:


The Syrian Electronic Army (SEA), also known as the Syrian Electronic Soldiers, is a collection of pro-government computer hackers aligned with Syrian President Bashar al-Assad. Using denial of service attacks, defacement, and other methods, it mainly targets political opposition groups and western websites, including news organizations and human rights groups. The Syrian Electronic Army is the first public, virtual army in the Arab world to openly launch cyber attacks on its opponents,[2]


A high-ranking representative for the SEA told the Daily Dot that “We are just Syrian youths who want to defend their country against the media campaign that is full of lies and fabricated news reports” about Syria.[5] The SEA's tone and style vary widely from the serious and openly political to ironic statements intended as often critical or pointed humor: SEA had "Exclusive: Terror is striking the #USA and #Obama is Shamelessly in Bed with Al-Qaeda" tweeted from the twitter account of 60 Minutes, and in July 2012 posted "Do you think Saudi and Qatar should keep funding armed gangs in Syria in order to topple the regime? ‪#Syria‬," from Al Jazeera's twitter account before the message was removed. In another attack, members of SEA used the BBC Weather Channel twitter account to post the headline, "Saudi weather station down due to head on-collision with camel."[4] One commentator notes that "[SEA] volunteers might include Syrian diaspora; some of their hacks have used colloquial English and reddit memes. After Washington Post reporter Max Fisher called their jokes unfunny, one hacker associated with the group told a Vice interview “haters gonna hate.”"[10][11]


The SEA claims responsibility for defacing or otherwise compromising hundreds of websites that it contends spread news hostile to the Syrian government. These include news websites such as BBC News, the Associated Press, National Public Radio, Al Jazeera, Financial Times, The Daily Telegraph,[12] The Washington Post,[13] Syrian satellite broadcaster Orient TV, and Dubai-based al-Arabia TV,[6] as well as rights organizations such as Human Rights Watch.[14] Other SEA targets include VoIP apps, such as Viber, and Tango.

It also posts pro-government messages on Facebook, and launches spamming campaigns to spread its messages.[15][16] The Facebook pages of President Barack Obama and former French President Nicolas Sarkozy are among those that have been targeted by spam campaigns.[16]

An attack on the Associated Press news agency,[17] in which tweets falsely claimed the White House had been bombed and President Barack Obama injured, led to a US$136.5 billion dip on the S&P 500 index on 23 April 2013.[18]

The group reportedly uses phishing tactics to gain sufficient information to compromise accounts.[16][17] In the first week of May 2013, the Twitter account of The Onion was compromised by the SEA, after a phishing attack targeting The Onion employees led to its account being compromised.[19]

In addition to the high-profile defacement and attacks on public targets, the SEA also carries out surveillance to discover the identities and location of Syrian rebels. This electronic monitoring also reportedly extends to foreign aid workers.[3]

by on Aug. 31, 2013 at 2:41 AM
Add your quick reply below:
You must be a member to reply to this post.
Replies (1-4):
Clairwil
by Ruby Member on Aug. 31, 2013 at 2:42 AM
1 mom liked this

Sounds scary, huh?   Like anonymous, but in foreign hands and targetting America.


Well, read on, to find out what happened...

Clairwil
by Ruby Member on Aug. 31, 2013 at 2:43 AM
1 mom liked this

{still editing - baby delays post}

Clairwil
by Ruby Member on Aug. 31, 2013 at 3:08 AM

(source)

A hacking group calling itself the Syrian Electronic Army (SEA) has been getting an unusual amount of press lately, most recently after hijacking the Web sites of The New York Times and The Washington Post, among others. But surprisingly little light has been shed on the individuals behind these headline-grabbing attacks. Beginning today, I’ll be taking a closer look at this organization, starting with one of the group’s core architects.

Earlier this year I reported that — in apparent observation of international trade sanctions against Syria – Network Solutions LLC. and its parent firm Web.com had seized hundreds of domains belonging to various Syrian entities. Among the domains caught in that action were several sites belonging to the SEA.

At the time, the SEA had a majority of its sites hosted at Internet addresses belonging to the Syrian Computer Society, an organization considered to have been a precursor to the SEA and one that was previously headed by Syrian President Bashar al-Assad. Following the Web.com domain seizures, the SEA was forced to find new homes for their domains. Soon enough, the group moved its domains syrianelectronicarmy.com and sea.sy to a host in Russia (no doubt adding further chill to already frigid US-Russia relations vis-a-vis Syria).

Sometime during that transition period, the SEA’s main Web site got hacked. As in…completely owned. According to one confidential source, the attacker(s) gained access to the virtual servers that hosted the SEA’s site and downloaded the entire user database for sea.sy and syrianelectronicarmy.com. Shockingly (or perhaps less so for many security researchers who’ve dismissed the SEA as mostly a group of tenacious but relatively unskilled hackers), many of the top members re-used the passwords they picked for their sea.sy accounts at their Hotmail, MSN and Outlook email accounts.

A snippet from the hacked 
database from syrianelectronicarmy.com

A snippet from the hacked database from syrianelectronicarmy.com. In the third column are plain-text passwords.

In nearly any dump of a Web site user database, it’s generally safe to assume that the first few users listed are founders and administrators of the site. In the hacked sea.sy database, for example, we can see that the first two usernames in the table are “admin” and “admin2.” Admin2′s email address is listed as sy34@msn.com. The last entry in the database is April 19, 2013, just a few days after Web.com began seizing domain names in its stable with the “.sy” designation.

A Google search on that email address reveals its ties to the SEA, and shows that the account was in 2010 tied to a now-abandoned hackforums.net user named “SyRiAn_34G13″ (leet-speak for “Syrian Eagle”). A reverse WHOIS search at domaintools.com on the sy34@msn.com address shows that it was used in Feb. 2011 to register a site called codepassion.net.

Codepassion.net is no longer active (perhaps because it was hacked and defaced in May 2012 by other script kiddies), but thanks to the Wayback Machine at the indispensable Internet Archive, we can see the site lists as its creator a 23-year-old “virtuoso web designer” named Mohammed from Damascus, Syria. Mohammed says he is a senior front end developer at a firm in Damascus called Flex Solutions. Mohammed reveals that his last name is “Osman” when he links to his Facebook and DeviantART accounts, as well as his Gmail address (osmancode@gmail.com). That same Gmail account is also used for another account in the sea.sy database: يوزر – which Google translates to “Yoezer”  “User” and used the password “963100″.

Osman’s DeviantART account – ”medothelost” — says in Arabic that he is a member of the Free Syrian National Rally, a founding member of the Syrian Civil Youth Movement, and a member of the Syrian Social Nationalist Party. Another account named “medothelost” in the sea.sy database uses the email address medo_sy@hotmail.com and the password “963100.”

Looks like since working at Flex Solutions, Osman struck out on his own, and changed his identity slightly: Running another reverse WHOIS record search at domaintools.com shows that osmancode@gmail.com was used to register the site mohamadstudio.com (I guess mohamMEdstudio.com was already taken?). Anyway, Osman’s Mohamad Time Line tells readers more about this guy, who says he recently moved to Turkey. He currently lists his name as Mohamad Abd AlKarem. Around the same time that Mohammed Osman stopped tweeting at @osmancode (April 27, 2013), @mohamadabdalkarem started up. Osman/AlKarem could not be immediately reached for comment.

A short time ago, Vice.com ruined my scheming and published information on the next guy I’d planned to profile in this series — the individual listed as registered user number 4 in the database screenshot above: “ThePro.” See their story here for more on him. Thankfully, there is enough here to keep me busy for a while yet.

Update, Aug. 29, 2:23 p.m. ET: Several reporters contacted me to say they’d heard from the person at osmancode@gmail.com, who claimed he was not a member of SEA and was never contacted by me; in fact, I sent an email to this same address yesterday requesting an interview. I also never received a reply from the Twitter account tied to Mohamad Abd AlKarem). A few minutes ago, Mr. Osman replied to my email, stating that he was not part of the SEA, and furthermore if he was would he have been so careless with his information? He also said Mohamad Abd AlKarem is not him but his client. Here is his reply:

“Dear Sir

I am not a member in “Syrian Electronic Army”, and if I were, would I mention where I work, post my personal photo as declaring my political views?

Dear Sir, Would I, if being a SEA member, publish where I live and my real name, would you do that?

Actually I do believe that the most stupid man on earth wouldn’t do it, then what about someone to be considered one the best hackers?

Thus dear, you can verify that I am not a SEA member, not as well their leader, just as you have mentioned in one of your articles, depending on odd information that has – at any rate- any relation to a matter of fact.

By the way, Mr. Muhammad Abed Al-Karim is my client, and I have made reservation as any other regular common customer.”

Update, Aug. 30, 12:14 p.m.: Mashable published a story after interviewing AlKarem, which quotes AlKarem as saying he is not Osman; AlKarem told Mashable he knows Osman through the art website DeviantART, but the two have never met in real life. AlKarem told the publication that while Osman had developed some graphics for the SEA, “I don’t think he’s a member of them.” Meanwhile, Motherboard ran a piece Wednesday claiming to have identified a different member of the SEA; that publication featured a Tweet from one of SEA’s leaders “ViCt0r” who last year gave a shout out to fellow SEA members, including a Mohammed Othman.

Further supporting Osman’s statement that AlKarem is just a client are domain hosting records for mohamadstudio.com, which list Osman’s employer FlexSolutions as the technical contact. Also Osman’s personal site — osmancode[dot]com — includes a picture of him that appears different from the one on AlKarem’s site. Based on the evidence available, it seems likely that AlKarem and Osman are two different people. The image from AlKarem’s site has been removed from this story.

SEEKEROFSHELLS
by Platinum Member on Aug. 31, 2013 at 3:48 AM

 bump, read this. Long read but a good one. Read this.

Add your quick reply below:
You must be a member to reply to this post.
Join the Meeting Place for Moms!
Talk to other moms, share advice, and have fun!

(minimum 6 characters)