Syrian Electronic Army has its *own* website hacked

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Well, it looks like the shoe is on the other foot for once.

The notorious Syrian Electronic Army, who have hacked the blogs and social media accounts of numerous organisations (most recently Microsoft and Skype), has discovered what it feels like to be a victim – after its own website was hacked by a rival group.

A Turkish hacking collective calling itself TurkGuvenligi appears to have compromised the Syrian Electronic Army’s website, after the pro-Assad group’s web-hosting company was apparently breached.

Defaced Syrian Electronic Army website

Sign up to our free newsletter.
Security news, advice, and tips.

TurkGuvenligi

“Gel Babana”

You imbecils will attack our country with fake phishing emails and we’ll accept your lies and dont do anything ? That is the end you deserve:

“And never think that Allah is unaware of what the wrongdoers do. He only delays them for a Day when eyes will stare [in horror].” Ibráhím – 42
For only conscientious people ! [LINK]

The Syrian Electronic Army (SEA) has created a reputation for itself, after successfully tricking employees at companies and media organisations to hand over their passwords through convincing phishing attacks.

Typically, having learnt users’ email passwords, the SEA has been able to access victims’ inboxes and determine the passwords for social media accounts such as Twitter and Facebook.

It’s hardly the most sophisticated method of attack in the world, but there is no denying that it has been effective.

Clearly they haven’t made any friends in the Turkish hacking community, however.

At the time of writing, the SEA’s website is offline, but you can still see some evidence of the defacement via Google search:

Google search result

At the end of last year, TurkGuvenligi also hacked and defaced the official OpenSSL website, leaving a message which read:

TurkGuvenligiTurkSec Was Here @turkguvenligi + we love openssl _

On that occasion, OpenSSL blamed the defacement on “insecure passwords at the hosting provider”.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.