Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

Syrian Electronic Army hacks into Facebook’s domain

The Syrian Electronic Army claimed Wednesday that it managed to hack into Facebook violating an administrator account of the Facebook’s Domain Registrar. Syrian Electronic Army hit again, 2014 has started with the exploits of the popular group hackers that hit the giants of IT industry. Microsoft, PayPal, Ebay and also the CNN were hacked in the […]

Syrian Electronic Army hacks into Facebook’s domain

The Syrian Electronic Army claimed Wednesday that it managed to hack into Facebook violating an administrator account of the Facebook’s Domain Registrar.

Syrian Electronic Army hit again, 2014 has started with the exploits of the popular group hackers that hit the giants of IT industry. Microsoft, PayPal, Ebay and also the CNN were hacked in the last month. This time the group has targeted Facebook website, also in this case the member of the Syrian Electronic Army claimed that they hacked an administrator account of the MarkMonitor, the Facebook’s Domain Registrar.

MarkMonitor Inc. is an American software company which develops software to protect corporate brands from illicit activities including fraud, piracy, counterfeiting and cybersquatting, it is the same domain registrar of Ebay/PayPal. MarkMonitor acquired AllDomains in 2001 and DtecNet in 2010, and it was itself acquired by Thomson-Reuters in 2012.

 

Syrian Electronic Army Twitter @Official_SEA16

 

The Syrian Electronic Army modified the contact information for the Facebook Domain, referring to a Syrian email address on the company’s WHOIS domain information page. Fortunately the hackers failed to hijack the entire Facebook domain, in this case, the attack could have had very serious consequences, the hackers anyway claimed that they have tried to update the nameserver information, but the process had to be abandoned because it was “taking too much time…“.

Probably there are in place, I hope so, procedures to validate any changes to the records, for example, requesting a two-factor authentication to unlock the domain anyway requesting that any change to DNS settings have to be manually verified and authenticated.

If Syrian Electronic Army had succeeded in updating the nameserver record for Facebook, then the millions of users could have been impacted, they could have been redirected to a malicious website serving a malware or to a fake authentication page to capture the users’ credentials.

Syrian Electronic Army hacked Facebook

The Syrian Electronic Army has attacked Facebook because the company removed from its social network the pages managed by dissidents because they violate standards for permitted content, the decision of the company has caused the loss of important information about the conflict.

The deletion of Syrian opposition pages by Facebook removes important information regarding the evolution of the Syrian internal conflict. News regarding the revolution, detailed reportage and also information about the use of chemical weapons in the country.

Facebook has confirmed that no user has been impacted and that it hasn’t observed traffic hijacking.  At the time of writing  the registrar contact details were restored and the situation is normal.

Pierluigi Paganini

(Security Affairs –  Facebook, Syrian Electronic Army)