Sign up to our newsletter
The latest security news direct to your inbox
The New York Post has become the latest victim of a prolific hacking campaign targeting the social media accounts of worldwide media outlets – and SocialFlow, a social media company used by the Post and other media outlets, has also fallen victim.
The Syrian Electronic Army claimed responsibility for the attack – which compromised the newspaper’s official Facebook and Twitter accounts, as well as accounts for individual journalists, according to reports in Computing and elsewhere.
Sports writer Mike Puma’s account was used to post the message, “Syrian Electronic Army was here” and a link to the group’s own Twitter profile.
Posts on the official site for the hacktivist group showed off posts on the hacked acccounts, and that the group had also hacked SocialFlow, a social media platform used by the New York Post. “The Syrian Electronic Army hacked today “Social Flow” company website/accounts. SocialFlow is a social media optimization platform for leading brands and publishers. All of AlJazeera, WashingtonPost, New York Post and many media organizations uses Social Flow,” the group said in a statement on its official site.
A post saying, “Syrian Electronic Army was here,” appeared on the company’s official Twitter feed.
“Today an employee’s email account was compromised in a phishing attack,” SocialFlow said in a statement. “As a result, our Twitter and FB accounts were compromised. No customer access or data was compromised in this attack. As part of our security controls, we immediately took our service offline.”
The group has claimed responsibility for a series of high-profile hacks against media organizations and messaging apps over the past few months, with hacks targeting the Thomson Reuters, the Financial Times, CBS and chat apps such as Tango and Viber.
Previous attacks have compromised blog pages and app pages on Google Play, as well as leaking customer information and compromising official corporate Twitter feeds. In the wake of attacks earlier this year, Twitter sent out an email to media groups saying, “We believe that these attacks will continue, and that news and media organizations will continue to be high value targets to hackers.”
Author Rob Waugh, We Live Security