Forgot your password?
typodupeerror
Security The Media Politics

How the Syrian Electronic Army Hacked The Onion 91

Posted by timothy
from the wore-goggles-so's-not-to-cry dept.
Nerval's Lobster writes "For comedy publication The Onion, a recent cyber-attack by the Syrian Electronic Army was no laughing matter. The SEA managed to compromise The Onion's Twitter account, plastering it with insults aimed at the United Nations, Israel, and Syrian rebels. 'UN retracts report of Syrian chemical weapon use: "Lab tests confirm it is Jihadi body odor,"' read a typical (and perhaps one of the more printable) ones. When the Tweets appeared, some Onion Twitter-followers questioned whether the newspaper was playing some sort of elaborate meta-joke, perhaps riffing on a recent series of high-profile cyber attacks. But the SEA was serious, and so was The Onion about flushing the attackers from its systems. In a new posting on theonion.github.io, the publication's IT crew details exactly what happened. On May 3, attackers from the SEA fired off phishing emails to Onion employees, at least one of whom clicked on a malicious link. From there, the attackers compromised a handful of systems. 'In total, the attacker compromised at least 5 accounts,' the account concluded. 'The attacker logged in to compromised accounts from 46.17.103.125 which is also where the SEA hosts a website.' But following the crisis, The Onion couldn't resist swiping at its attackers. 'Syrian Electronic Army Has a Little Fun Before Inevitable Upcoming Deaths at Hands of Rebels,' read the headline for a May 6 article that described a fictional massacre of the SEA in gruesome detail."
This discussion has been archived. No new comments can be posted.

How the Syrian Electronic Army Hacked The Onion

Comments Filter:
  • by Anonymous Coward on Thursday May 09, 2013 @05:55PM (#43679929)
  • Why would they target the Onion!? Do they not 'get it'?
    • Re: (Score:1, Flamebait)

      by Threni (635302)

      No, they really didn't think it through. Like all script kiddies, they do it because getting metasploit and/or hanging around irc channels for weeks means you eventually use someone elses work to temporarily control a twitter account, take shit there and make yourself look like something of a tool, and then lose control of the account. I guess some people are born to die virgins.

    • twisted "humor"(?) (Score:2, Interesting)

      by sanman2 (928866)

      Actually, the Onion's "joke" article on the rebels massacring the SEA sounded a little disturbingly vindictive and twisted. Who knows if some real life fanatics won't take inspiration from that "joke"(?) article to make it happen in real life. How would the Onion look then?

      • by aardvarkjoe (156801) on Thursday May 09, 2013 @06:40PM (#43680347)

        How would the Onion look then?

        Prescient?

      • by ganjadude (952775)
        honestly I dont see a problem if someone did take the joke and go after the rebels. By definition they are rebels! they should be stopped! What is with this PC world these days? They bomb their own country, yet you are worried if someone is gonna go after them?
        • by tehcyder (746570)

          honestly I dont see a problem if someone did take the joke and go after the rebels

          Um, it would be the rebels executing the government supporters, in fact.

          The hacking was done by pro-government Syrians.

          I hope I'm not the only person who finds the idea of a "joke" about people being horribly murdered by rebels who we in the West are supporting somewhat disturbing.

          • The post you are talking about was made by the staff in an intentional effort to be inflammatory in order to induce the hackers to post more content and (hopefully) reveal information that could be used to stop them.

            That's in contrast to the normal day-to-day inflammatory crap they post in an attempt to be funny. - so I can see how you could get confused...

            (wow... i would not have guessed when I woke up this morning that I'd be posting on slashdot in support of the staff of The Onion... what a weird day)

        • by ultranova (717540)

          By definition they are rebels! they should be stopped!

          I dunno, it seems like they have good reasons [wikipedia.org] to be pissed off.

          • by ganjadude (952775)
            I am sure they do. I however dont want to be involved. its not our war, let them settle it on their own.
            • by ultranova (717540)

              I however dont want to be involved. its not our war, let them settle it on their own.

              Your previous post not only took sides, but also said that "they should be stopped". And now you're backpedaling and saying "we" shouldn't get involved. Are you perhaps an (underperforming) member of Syrian Electronic Army?

              • by ganjadude (952775)
                no, i didnt say we have to stop them, I said they need to be stopped (from their governments point of view - the liberal use of ! should have been a give away - my bad)
                frankly as an american, im sick of america playing world police, let them do what they do, if they kill each other, so be it, this goes for any country. Sounds heartless but plain and simple we cant afford it
      • by ThePeices (635180)

        How would the Onion look then?

        Smugly pleased.

    • by Anonymous Coward on Thursday May 09, 2013 @06:34PM (#43680317)

      Why would they target the Onion!? Do they not 'get it'?

      Chances are, no, they seriously don't get it.

      Think about it: In that area of the world, news is generally controlled by official government channels. I'm talking supposedly-legitimate sources which unironically use definitive, unambiguous phrases like "The Truth Of $NATION", "$NATION's One Voice", or The Onion's own "$NATION's Finest News Source" as their taglines. Then, add in the fact that a lot of what The Onion and other humor sources (i.e. The Daily Show) do are largely unheard of in these nations; direct mockery of the government is the sort of thing that gets a guy and his whole family beheaded in public out there. They might plain and simply not be used to that manner of humor.

      So, without the benefit of a culture that's accustomed to ironic sarcasm and mocking tones in print, combined with a lack of knowledge of how the US really works, and definitely without understanding the counter-cultural significance of The Onion in the first place, I can imagine them looking at this site which boldly proclaims itself to be "America's Finest News Source", presenting articles in a very dry, almost authoritative tone (to people unfamiliar with the English language or American culture), and seemingly chock full of news, and assuming this is a real thing and that attacking it will help get their message out to the important, news-reading people of what they consider to be the most powerful nation in the world.

      • by jfruh (300774) on Thursday May 09, 2013 @08:34PM (#43681145)

        This is wildly incorrect. You could tell form their posts that the Syrians knew exactly what the Onion was and were actually writing Onion-style headlines to promote their point of view. "UN admonishes Syria for getting in way of Jewish missles," that sort of thing.

      • by Alex Kasa (2867743) on Thursday May 09, 2013 @09:21PM (#43681403)
        While I get your point, and agree with you, you seem to have a wildly inaccurate view of what life in Syria was before the civil war. While you would not necessarily stand in the central square of Damascus and shout insults to the regime, you could still express your political opinions freely. Not all the media was state-controlled. Before the revolution, access to the internet was open and not censored.

        Middle-East != North Korea

        You and your family would not get beheaded in public under Assad for talking against the regime. It is quite ironic that Assad was actually quite a progressive leader compared to the US allies in the region (USA's Best Friends Forever Saudi Royal Family and Mubarak). While my whole heart goes to anyone seeking true democracy, a lot of the reason why Syria is in such a mess is because Assad is an Iranian ally supporting Hezbollah, and Israel and the West want that support for Hezbollah and Iran to go.

        Of course now Assad has crossed the line and there is only one way this will stop, he must go one way or the other. Only thing US and Israel didn't seem to calculate at first is that what's going to come after him is much, much less friendly. They're just starting to realize that now. As one commentator put it, "The Muslim Brotherhood leadership is waiting in hotels in Turkey, ready to take the reins once Assad is gone". Once again, we've played a role in overthrowing a secular regime and replacing it with an Islamist one. We're getting good at this.

        However you are right that many middle-easterners "don't get" western humor. Some see things like that and believe it is serious. Also, while here in the west you can openly joke about religion and God (even Christianity), they would not think those kind of things are funny. As usual, we say we're right and they're wrong. Truth is it's just a cultural difference and cultures are bound to clash in an open world with an open internet. It's not just between Westerners and Middle-Easterners though. I'm sure Chinese people look at American shows and think "WTF is honey boo boo? Jersey shore? USA dogs!"

        • by operagost (62405)
          People get upset about Westboro Baptist. I wonder how much they would enjoy being a Coptic Christian right now.
    • Why would they target the Onion!? Do they not 'get it'?

      The tyrant fears the laugh more than the assassin's bullet. -- Robert Heinlein

    • You're misunderstanding the motivations of the SEA and other small activist groups. These groups are in part motivated by what they feel is a lack of sufficient attention to their cause. They want attention drawn to them, and given their initial low profile, any attention is good. The Onion is a very high profile website. Hacking the Onion gave them the widespread publicity they so crave. Think of it, now people who read Slashdot know who the SEA are.
  • by Krazy Kanuck (1612777) on Thursday May 09, 2013 @05:58PM (#43679955)
    In related Onion news: We Were Going To Take Over The ‘Onion’ Website, But It’s A Real Mess With All Those Ads [theonion.com] I'm not sure what the SEA really expected to accomplish here.
  • This is where Google's single-signon approach backfires. The attack obtained login credentials for employee email accounts. Those credentials allowed them to do much more than access personal email - they could access other Google-hosted assets.

    • by fightinfilipino (1449273) on Thursday May 09, 2013 @06:27PM (#43680247) Homepage
      Google does have two-factor authentication [mattcutts.com], but they don't require all users to use it yet.

      most two-factor authentication schemes i've seen so far require users to have either a physical dongle that provides keycodes, a mobile phone capable of receiving SMS messages, or a smartphone app.

      most users i've seen can't be bothered to take this "inconvenient" step to secure their accounts. i hope Google makes the two-factor login a requirement soon, but they're going to get some pretty tough pushback from the lazy.

      • by slashdyke (873156)
        I have not taken this "inconvenient" step to secure my account, simply because I a) do not have a physical dongle, b) do not have a mobile phone - not even one that does not receive SMS messages, and c) I also don't have a smart phone to install a smart phone app. Now, I also do not have a google account, and so long as slashdot.org is not absorbed by them, I should be safe.
        • I do have a google account and while I do have a cell phone capable of receiving SMS messages, I don't want to pay $0.20 every time I log into my email.
      • by g8oz (144003)

        Personally I just dont' want google to have my mobile phone number. They know too much already.

        • by thygate (1590197)
          If any one of your contacts has your phone number with your gmail address in their phone as a single (or merged) contact, google already knows your mobile phone number.
        • by swillden (191260)

          Personally I just dont' want google to have my mobile phone number. They know too much already.

          Use the authenticator app, then, if you have a smartphone.

          • by drinkypoo (153816)

            Use the authenticator app, then, if you have a smartphone.

            My friend, you have located that which rubs. I don't want to use my smartphone because something might happen to my smartphone, which oh yeah, is also my cellphone.

            Until I can get a keyfob token for backup, I'm simply not going to switch on two-factor authentication. I hack my phone and even if you don't sometimes they fail. (Hey, let's be realistic, some of these alternate roms just asplode. The one I am using is based on the same version that came with my phone and there are still sometimes issues.)

      • by tringstad (168599)

        ...a mobile phone capable of receiving SMS messages...

        I have yet to see an implementation of 2-factor authentication that uses this method; only poorly written articles by journalists who have misunderstood what they've read, and repetition of said articles by misinformed slashdot commenters.

        Can you provide evidence of one that does?

        • by Anonymous Coward

          Really? Google [google.com], my bank, and PayPal [paypal.com] all send me an SMS code to verify me (i.e. I log in with username/password, it either immediately texts me a code or has a button for texting me a code, then I receive an SMS with the code to type in to complete the authentication process). My bank and PayPal do it on every login. Google does it the first time I use a device (used to be every 30 days as well, but they seem to have stopped that).

          I don't have an Android or iOS phone, but I do have an unlimited texting plan

        • by Anonymous Coward

          I know that Yahoo! uses SMS messages as part of their 2-factor authentication. Whenever I log on to my Yahoo! account from a new device they require me to enter a code, the code can either be sent to an alternate email address or to my phone. This is what you are talking about right?

          http://www.zdnet.com/blog/security/yahoo-mail-introduces-two-factor-authentication/9846

        • by swillden (191260)

          Google offers SMS messaging as one of the methods for second-factor auth.

          "you'll be asked for a code that will be sent to you via text, voice call, or our mobile app." (http://support.google.com/accounts/bin/answer.py?hl=en&answer=180744)

          There are actually a couple of other options as well, including a code via e-mail and a hardcopy list of pre-assigned one-time-use code, though they're mostly intended for recovery, in case you lose access to your phone. And you can also provide a backup phone numbe

      • most users i've seen can't be bothered to take this "inconvenient" step to secure their accounts

        I wonder why you used the double quotes there. Are you suggesting it is not inconvenient?

        Assume it's a dongle. Go check your mail at work, on the road, while in a completely different country - whoops, left the dongle in the car, at home, in the other set of pants.

        Note that the above is even just the dongle - who uses just a dongle? You'll also need a password for the dongle, lest the attacker actually has you

        • by swillden (191260)

          Print it out and put it in your wallet? No, no.. bad idea.

          No, that's a good idea, and exactly what you should do. Yes, it means that an attacker who manages to get your password and your wallet can get into your account, but that's still far more secure than a password alone. If your alternative is not using a second factor because you're afraid you won't have it when you need it, you're far better off using two factor and keeping the list of backup code list in your wallet.

  • is that citizens of a once legitimate regime in Syria, fighting to get their story heard by the people of the world.

    Ever wonder why the US and EU call the "Syrian" rebels "rebels", but the Mali rebels as "terrorists"? Why do we support the revolution of a sovereign country? Perhaps the revolution ISN'T for the good of the Syrian people, but good for the US, EU, and Israel?

    • Assad: Legitimate Dictator of Syria.
      • Re: (Score:2, Informative)

        by Anonymous Coward

        And the USA the legitimate oppressor of the world.

    • by TapeCutter (624760) on Thursday May 09, 2013 @07:11PM (#43680581) Journal

      Perhaps the revolution ISN'T for the good of the Syrian people, but good for the US, EU, and Israel?

      There's no reason it can't be both, there's also no reason to mod your factual observations as "flamebait". We are going to have to wait a decade or more to find out if the "Arab spring" changed anything for the better, I clearly recall people (as opposed to governments) in the west celebrating because Mugabe had come to power in Zimbabwe (Rhodesia), Stevie Wonder went so far as to sing about it. Their moral reasoning was sound at that time in history, but with 20/20 hindsight Stevie's claim that "Peace has come to Zimbawe" sounds foolish.

      The political cynic in me thinks that western governments see two enemies fighting each other on their own territory. they are in no hurry to pull them apart.

      • ...they are in no hurry to pull them apart.

        Not as long as they can make a sale.

  • Maybe it's just me, but I can't believe people are still falling for this tactic. Click on a link...enter your credentials...url looks like http://sdfkjh.sy/sdfas..sure [sdfkjh.sy] why not, Stacy from accounting sent it. The only good thing on this is that the SEA is exposing a lot of these weaknesses with basically harmless taunting. So hopefully these non-critical yet influential sites...A/P, various other news and popular sites, will have a chance to get their act together. In theory I could see a really beliger
    • by Anonymous Coward

      Your link is broken, I wanted to see what Stacy was sending.

  • Assad's regime is supported by oil money from BP(English Crown) and Royal Dutch Shell ('royal' is in the name) going back to the 1600s when the Aristocracy was not hiding behind legal companies.

    The oil comes from Iran and Syria and gets loaded onto boats in a port on the Mediterranean in Syria then sails to points west including your gas tank.

    • by couchslug (175151) on Thursday May 09, 2013 @08:25PM (#43681093)

      1600s? BP and Royal Dutch Shell supporting a regime which didn't exist even before THEY existed?

      Now THAT'S planning for the future!

      Do tell how the Assad family is descended from the Ottoman Empire.

      This will be interesting.

      • fine, here:

        "Assad's regime is part of a centuries-old supply chain supported by oil money from BP(English Crown) and Royal Dutch Shell ('royal' is in the name) going back to the 1600s when the Aristocracy was not hiding behind legal companies.

        For another instructive look at how this works, examine the life of Reza Shah [wikipedia.org]. He did function as leader, but what concerns us is his status as **stooge for the oil interests**. His ideology is secondary...it's about what he will do with the oil.

        Do tell how the Assad f

  • by Anonymous Coward

    ..will be against Syria/Iran. Now wait for the jews to inflame you for it. All their "comedians" and "concerned NGOs" will work hard towards the goal of eliminating even token opposition to the jewish Apartheid state.

  • by tehlinux (896034)

    HAWKS!

  • I have no idea why, but for a minute I thought I the title said:
    how the syrian electronic army hacked Tor.
    And the comments and summary made no sense what so ever.
    I guess Tor is a kind of onion as well.
  • "On May 3, attackers from the SEA fired off phishing emails to Onion employees, at least one of whom clicked on a malicious link"

    What OS did this nameless malware run on?
    • by isorox (205688)

      "On May 3, attackers from the SEA fired off phishing emails to Onion employees, at least one of whom clicked on a malicious link"

      What OS did this nameless malware run on?

      Malware? What decade are you from?

      Send an email with a link to tw1tter.com, they enter their password, you capture it. Job done. All that's needed is a browser.

Nothing is easier than to denounce the evildoer; nothing is more difficult than to understand him. - Fyodor Dostoevski

Working...