Skip to main content

BBC Twitter hacked by Syrian cyber terrorists

seaFor a number of British Twitter users, the weather forecast on Thursday was cloudy with a chance of political cyber terrorism after the @BBCWeather Twitter account was hacked by a group called the Syrian Electronic Army.

Having gained control of the @BBCWeather feed – one of three BBC accounts the Syrian Electronic Army claimed it hacked – the group tweeted that it had also taken @BBCArabicOnline and the local station @bbcradioulster. On the @BBCWeather feed, the SEA replaced traditional weather news and updates with messages like “Hazardous fog warning for North Syria: Erdogan orders terrorists to launch chemical weapons at civilian areas,” and the more satirical, “Earthquake warning for Qatar: Hamad Bin Khailifah about to exit vehicle.”

All of the fake tweets posted while the accounts were under SEA control have since been removed, a BBC spokesman said in a statement confirming the hacks. “The BBC Twitter accounts which were hacked earlier today are now back under our control and all inappropriate tweets have been deleted,” the spokesman explained, continuing “We apologize to our audiences that this unaccepable material appeared under the BBC’s name.”

The SEA took control of the accounts for approximately three hours, judging by the gap remaining on each account post-cleaning. The BBC apparently lost control of the feeds around noon local time on Thursday before regaining control around 3 p.m.

Oddly enough, it’s possible that the Twitter hacks may be related to an earlier attempt that same day to breach online security at the BBC. The Guardian reported that employees at the BBC had been the subject of a number of phishing emails that day that implicated both the Guardian and Human Rights Watch in a strange sting to gain access to company email addresses and accounts.

The Guardian report also stated that BBC staff received a warning post-Twitter hack asking everyone not to open any email with the subject line “URGENT” and the body text “Please read the following article to its importance.” Said phishing emails included what were supposed to be links to articles at both the Guardian and Human Rights Watch portals, but redirected visitors to what claimed to be an additional BBC email portal that required addresses and passwords to gain access.

It’s somewhat surprising – and a little depressing, as well – that, in this day and age, such obvious phishing attempts can still be so successful. The only unanswered question is where the Syrian Electronic Army will strike next – and whether they’ll use these old school methods again when they do.

Editors' Recommendations

Topics
Graeme McMillan
Former Digital Trends Contributor
A transplant from the west coast of Scotland to the west coast of America, Graeme is a freelance writer with a taste for pop…
Obama calls for tighter cyber security after U.S. Central Command Twitter hack
kentucky hospital subjected to ransomware hacker keyboard

Unknown hackers claiming to be Islamic State (ISIS) militant supporters took over the U.S. Central Command's Twitter and YouTube accounts briefly on January 12. The two websites moved quickly to suspend the compromised accounts and prevent further posts. Meanwhile, the U.S. government confirmed the hacks, but stated that no sensitive information was leaked.

The White House is currently monitoring the hack and seeking out those responsible. Two U.S. defense officials told Reuters the attack is an embarrassment, but not a threat to the country or its service members.

Read more
The Syrian Electronic Army celebrates Thanksgiving with widespread ad hack
syrian electronic army celebrates thanksgiving widespread ad hack

If you've ventured online today then you might have found images from the Syrian Electronic Army appearing where advertising should be. The activist group, which supports the Assad regime in Syria, has claimed responsibility for an advertising network hack that has been timed to coincide with Thanksgiving.

It's not a hugely significant security breach, as no user data has been exposed, but many websites across the Internet have been affected. Sites run by Forbes, The Chicago Tribune, CNBC, PC World, the NHL and Canadian broadcaster CBC are said to have been affected. It's believed that the SEA's route of attack was through the popular commenting platform Gigya.

Read more
Twitter restores TweetDeck after major hack disables app
Election 2012 social media numbers

Earlier today, a major hack revealed a security flaw in Twitter's popular TweetDeck app. Hackers reportedly discovered a "cross-site scripting" (XSS) vulnerability in the system, forcing the company to take all of its TweetDeck apps down for a short time. Twitter says that the error has since been fixed and access to the TweetDeck apps is back to normal.
As soon as the problem was discovered, Twitter issued an update that was supposed to patch the issue. Less than an hour later, when it became apparent that the fix had failed, the micro-blogging site quickly removed all the TweetDeck apps. The service was down for almost an hour before Twitter could confirm that the bug had been fixed. Access was quickly restored. 

We've verified our security fix and have turned TweetDeck services back on for all users. Sorry for any inconvenience.
— TweetDeck (@TweetDeck) June 11, 2014

Read more