Syrian hackers hijack FC Barcelona’s Twitter account

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Talk about putting the boot in…

The notorious Syrian Electronic Army (SEA) claimed another scalp overnight, hijacking the Twitter account of the world-famous Barcelona football club.

The Catalan football team’s Twitter account, which has over 11 million fervent fans, was commandeered by the hackers who posted a message in the hours following a victory over Manchester City.

FC Barcelona tweet

Sign up to our free newsletter.
Security news, advice, and tips.

Dear FC Barcelona management, don’t let the Qatari money funds you, it’s full of blood and kill

A later tweet, sent before FC Barcelona realised they had a problem and deleted the offending tweets, sent a special message to one of their rival teams.

Special hi to Real Madrid

Chances are that the hack was perpetrated by the SEA after phishing the password for the account from FC Barcelona’s social media staff.

Past victims of the SEA have included The Guardian, ITV, The Telegraph, the Washington Post, Viber, Skype, PayPal, Thomson Reuters, and most recently Forbes, amongst many others.

There seems little doubt to me that FC Barcelona could have avoided this hack if they had followed best practices – which would have included training staff to never re-use passwords and to be suspicious of unsolicited emails, checked that they were only entering their passwords on legitimate websites, and – crucially – enabled two factor authentication on their account.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.