Attacks/Breaches
5/16/2013
12:04 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Who Is Syrian Electronic Army: 9 Facts

Syrian hackers claim to battle American imperialism, media bias and Angelina Jolie.
Previous
6 of 9
Next


Is the Syrian Electronic Army based in Syria? After Syria reestablished its Internet connection last week -- following a blackout that lasted approximately 24 hours -- security experts wondered when the hackers might resume their attacks.

With that question floating around the Internet, the group responded: "But wait ... we are in Dubai!" read a tweet from the @Official_SEA12 Twitter account.

The Dubai quip was made in response to the aforementioned Guardian report last month that "according to defectors from inside its ranks, the group moved last year from Damascus to a secret base in Dubai."

The group's members later clarified that they were in Syria, and had been affected by the Internet outage. "Unfortunately it is true, though mobile phones worked intermittently due to a large number of Syrians using them as an alternate form of communication," said the Shadow. "These kinds of cuts do not affect the terrorists operating in Syria as they have their own US-supplied communication equipment. The blackout effectively shut down our operations, we are glad to be back."

Ditto, no doubt, for an eight-hour blackout that -- according to data provided by Arbor Networks -- began at about 8:30 a.m. Eastern Time on May 15, and lasted until just after 4 p.m. The cause of the blackout isn't known, although Internet monitoring firms suspect last week's blackout was due to the civil-war-torn country's weak infrastructure.

Zones of control in Syria courtesy of Wikipedia.

RECOMMENDED READING

Anonymous OpUSA Hackathon: Mostly Bluster

Twitter Battles Syrian Hackers

Twitter Preps Two Factor Authentication After AP Hoax

How Syrian Electronic Army Unpeeled The Onion

Syrian Hacktivists Hit Guardian Twitter Feeds

Syria Back Online After Internet Blackout

Previous
6 of 9
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web