Syrian Electronic Army has its *own* website hacked

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Well, it looks like the shoe is on the other foot for once.

The notorious Syrian Electronic Army, who have hacked the blogs and social media accounts of numerous organisations (most recently Microsoft and Skype), has discovered what it feels like to be a victim – after its own website was hacked by a rival group.

A Turkish hacking collective calling itself TurkGuvenligi appears to have compromised the Syrian Electronic Army’s website, after the pro-Assad group’s web-hosting company was apparently breached.

Defaced Syrian Electronic Army website

Sign up to our free newsletter.
Security news, advice, and tips.

TurkGuvenligi

“Gel Babana”

You imbecils will attack our country with fake phishing emails and we’ll accept your lies and dont do anything ? That is the end you deserve:

“And never think that Allah is unaware of what the wrongdoers do. He only delays them for a Day when eyes will stare [in horror].” Ibráhím – 42
For only conscientious people ! [LINK]

The Syrian Electronic Army (SEA) has created a reputation for itself, after successfully tricking employees at companies and media organisations to hand over their passwords through convincing phishing attacks.

Typically, having learnt users’ email passwords, the SEA has been able to access victims’ inboxes and determine the passwords for social media accounts such as Twitter and Facebook.

It’s hardly the most sophisticated method of attack in the world, but there is no denying that it has been effective.

Clearly they haven’t made any friends in the Turkish hacking community, however.

At the time of writing, the SEA’s website is offline, but you can still see some evidence of the defacement via Google search:

Google search result

At the end of last year, TurkGuvenligi also hacked and defaced the official OpenSSL website, leaving a message which read:

TurkGuvenligiTurkSec Was Here @turkguvenligi + we love openssl _

On that occasion, OpenSSL blamed the defacement on “insecure passwords at the hosting provider”.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.