The Onion is Twitter hacked by Syrian Electronic Army. Hardly anyone notices

The OnionSpoof news website The Onion had its Twitter account hijacked by members of the Syrian Electronic Army earlier today.

The hackers, who have recently attacked numerous media accounts, posted jokey messages – which left some in a state of confusion as to whether the account was really compromised, or was simply pretending to be hacked as a publicity stunt.

The #Onion CEO: “We regret taking zionist money to defame Syria, now the hackers are up our ass”

UN retracts report of Syrian chemical weapon use: “Lab tests confirm it is Jihadi body door”

BREAKING: #TheOnion readership mass confusion as Syrian Electronic Army takes over. All demand a permanent column

Hacked Twitter account

Of course, The Onion is in the habit of posting silly untruthful news stories – so it’s doubtful that anyone really noticed much difference.

Sign up to our free newsletter.
Security news, advice, and tips.

To their credit, The Onion took the hack in good spirits and posted a joke news story claiming that they had changed their Twitter password to OnionMan77 to deflect future attacks:

“We have taken the necessary measures to ensure this kind of thing never happens again,” said Onion IT specialist Nick Abersold, who noted that the new password’s length and use of numbers makes it “virtually impenetrable.” “There are no spaces, and the O and M are both capitalized—both tactics that I think will keep us safe for the foreseeable future. Also, there’s not one, but two 7s. So, once again, The Onion’s Twitter password is OnionMan77.”

Ho ho. Very droll.

Joking aside, media organisations should follow the advice sent out by Twitter last week, offering sensible tips on how companies could avoid becoming the next victim of the Syrian Electronic Army and other hackers.

Imagine how much worse things could have been if the hackers had chosen to post malicious links to the millions of people who follow The Onion‘s Twitter account?

Update: At the time of writing, The Onion appears to have wrestled control back of its Twitter account. However, the Syrian Electronic Army has been posting pictures to Twitter as evidence that it also compromised the website’s email accounts.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.