November 21, 2024
Viber App Hacked By Syrian Electronic Army

Viber App Hacked By Syrian Electronic Army

Posted July 23, 2013 at 6:19pm by iClarified
Viber, a popular messaging app, has been hacked by the Syrian Electronic Army. The news comes just days after the same group of hackers accessed the database of the Tango messaging app.

The group defaced the support site support.viber.com and posted a message acknowledging that "We weren't able to hack all Viber systems". They also alleged the service was designed for spying and tracking; however, there is no evidence to suggest this and the screenshots posted only contain device information that would be necessary for messaging app to retain.

The hackers did say that "Some backups were downloaded successfully" but it's unclear what or how much user information has been compromised.


Viber has since taken down it's site and is presumably working to address the hack. They responded with the following message.

Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.

It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.

We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.



Viber's support software is powered by Kayako, which more than 30,000 companies use world wide. They have issued the following statement to iClarified and have assured us that this issue seems to be an isolated issue as no other customers have been affected.

The security of our customers' helpdesks and data is our highest priority. As Viber said in their statement, this looks to be an isolated compromise of an individual's account. Even so, we have taken the precautionary measure of auditing our systems. At this time we have no reason to believe that any other Kayako system or customer has been affected and we will continue to monitor the situation.

Read More [via iSay.ro]


Viber App Hacked By Syrian Electronic Army

Viber App Hacked By Syrian Electronic Army

Viber App Hacked By Syrian Electronic Army
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
Comments (19)
You must login or register to add a comment...
Marcus1571
Marcus1571 - July 25, 2013 at 9:26am
Let me get this straight. Other than these SEA folks being super pissed off at anything even remotely Israeli for ramified cultural reasons (let's diplomatically leave it at that), what exactly do you hope to discover by hacking a support database in a website??? The full list of its users? The whiny requests for help posted over the months? Maybe the users' emails and even more maybe the phone numbers? Because you sure as hell not going to find our messages, both parties involved here confirmed they are kept in an isolated subsystem. So these SEA, go in (FACT), steal all they can about this helpdesk database/forum (FACT), including the emails and phonenbers of the admins (FACT and if I may: uuuuuhhhh big deal!!!): and all this in "yulia" and apparently (word of the day!) only yulia's mind is proof that Viber is: 1. Stealing 2. Conspiring or already selling info to nobody knows who 3. Spying Seriously: explain to me how?! How can anybody spy on my phone or email just by magically knowing them (other than the email company, phone company or NSA). They just have "a name" (like I give my real one in any forum!) an email (again, forum created email for me) and my phone number. And that's it! I put this info in that support forum (hypothetically speaking), as I do in tens of other forums. So all this still doesn't explain squat, other than empiric proof of the banal blind hatred these SEA have for Israel. All we know is that these info are now in the hands of these SEA folks and I personally don't trust them with even half my email. Have we all switched off our brains here? Are we really at the point where the moment we read that a snotty hacker have passed a firewall we stop thinking and start fabricating dreamy scenarios of digital heroes fighting a necessary evil beacuse bigger Goliath (if I may borrow from the Bible)? WhatsApp, Fring, Viber, Skype, Tango, Dropbox, ...: all started as startup created by starry eyed adventurous young people that decided they had the ideas and the guts to challenge the behemoths of the current industry. So it was for Apple vs IBM, a garage full of three kids vs the biggest electronic company at that time. These company provide a tremendous service at little or no cost, pushing down the cost of that service and kicking in the nuts the "until then" monopolist behemoth and forcing it to lower the prices or lose. All this benefit the poorest users and damages the top of the hill fat cat! It's called FREE MARKET! Read something by Thomas Sowell and start dreaming for the real underdogs.
No
No - July 25, 2013 at 11:29am
I own an email , but do you know who am I ? No . Now I have an email simcard ( wich can reveal my identity because when I was buying it , I had to authenticate my identity ) , now you know who I am. And more things if you think more ...
Marcus1571
Marcus1571 - July 25, 2013 at 11:57am
I'll bite. So, if your identity is "physically" in your SIM card then knowing the phone number won't reveal it. If instead your "certified" identity is store in the phone company database that issued the SIM card then you need to hack that database in that phone company. Knowing your phone number through word of mouth or because you see it sitting in the Viber helpdesk database won't bring anyone close to your identity. Unless you registered at the forum with your real name and that phone number but then at that point you had to know that anyone reading your post could havr made that connection. No offense whatsoever but I am still under the impression that "we're trying to frying with water" here (Italian saying).
No
No - July 25, 2013 at 1:19pm
Unless they store these informations and send it to somebody who can use it . Who can get your identity by knowing your phone number . When you want to spy you shouldn't miss even a bit of data , and it needs lots of cooperations . these informations can help in some cases that your identity is not completely recognized and they only guess it . So spying possibility is NOT IMPOSSIBLE .
Marcus1571
Marcus1571 - July 25, 2013 at 1:55pm
Sure, but the question remains: How exactly is that some hackers enter a (.....get ready.....) database, of a helpdesk forum, get some username and other data you create an account with from the database, post some, keep the rest and (and this is the incredible part) claim that Viber is "stealing" info and "spying" on all of us. All I know is that there was this database, with all the users of the forum, no surprise, it is like claiming that a book has pages, and that the SEA "stole" and "spied" on Viber. And ALLLLLLLLLLLLLL this huge numbers of walking dead hipster is now listening to the only one who did the stealing and the spying and agreeing with it. I'm all pissed off with the NSA thing, but this is gianormously pathetic! Come on!!!
No
No - July 25, 2013 at 5:27pm
As Viber said : Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack. So there are private informations and SEA got access to some of them . The question is why ? To show they're power off or to say that viber is not safe or other things. The other question is HOW ? The Viber employee might be they're assistant. He got the email , they hacked the forum , he sent them some datas . I didn't say that the group who calls itself SEA got datas by hacking the database . I said that spying theory is possible and maybe they found it out and hacked the forum . That's it .(also I'm always READY)
Marcus1571
Marcus1571 - July 26, 2013 at 10:50am
If you have access to a forum, a helpdesk, and its user list you have access to sensitive information. There you have the emails, the names (provided they are real), the passwords. The passwords are tricky and I say this because typically a non techsavvy person is likely to use the same password for everything, so if I use my email on a forum and then I use "a" password there are a lot of cases in which that password is the same for both. Should we call this average user stupid? Probably so. But this is true for every forum of the planet. People shouldn't be using the same password for forums and emails as well as they shouldn't write the PIN code on their credit card or the address on their house keys. Again, all this incident proves so far is that some hackers got accessed to data from this forum. And at this point there is nothing suspicious in that data being in the forum database to begin with while it is worrying that these probably ruthless individuals now have all these passwords and emails to match and see what is coming out of it. See, it all starts with them committing a crime and stealing sensitive private data. So if we stop here they are the villain (SEA). But then they claim to have done so for selfless righteous reasons because (and they provide no proof, no evidence of this) this Viber company steals data and spies on people. So now to the eyes of the hipster they are the glorious hero while Viber is the hideous villain. Well I say: Mmmmmmm! If you can say that of Viber's helpdesk then you can say that of every single forum and helpdesk on the Internet. Bottomline, they wanted to reverse Viber like a glove, inside-out. All the managed to achieve was to penetrate the forum and launch accusations that are ridiculous. Viber is in Israel, not in the USA, they don't even bend to NSA whimsical rules. So until someone shows me evidence these SEA are scammers and way too many people with too much time to spend on the web are fools. Please, do not take this message as an attack to your opinion. I'm just stating my idea. We disagree on at least half of this argument. We can agree to see if this story evolved in one direction or the other and then I'll offer you a symbolic beer or you'll offer me!
Viber
Viber - July 24, 2013 at 11:36am
Hi, I'm an official representative from Viber. As explained in the article, no sensitive user data was exposed and that Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system. We are reviewing all of our policies to make sure that no such incident is repeated in the future. If you have any more questions/doubts, please feel free to let us know. :) Thanks, The Viber Team.
BA
BA - July 24, 2013 at 5:56am
The Israelis get in trouble again.... Here's the problem since people want to buy the information and spying is done by every one , its a 'me too' atmosphere and we all know they wanna make $
nabil
nabil - July 23, 2013 at 11:48pm
i have a naturel aversion to this app.... maybe the logo ?...maybe.
yulia
yulia - July 23, 2013 at 7:17pm
These guys are like the new Anonymous! Quickly rising to popularity! I support these guys for exposing such information! As long as your connected to the internet! Your data will never be safe!
3
Excuse me?
Excuse me? - July 23, 2013 at 7:25pm
Sorry, I don't understand what you're supporting. You mean you support hackers who break into companies' systems and take private information to do whatever with? Really? Why would you support that?
ionica
ionica - July 23, 2013 at 7:26pm
It seems that only the support interface was discovered in a minor part, so we don't have to worry about a database hack.
ionica
ionica - July 23, 2013 at 7:28pm
Perhaps is just a kid, and he doesn't realises what this things worth and how is working.
rexology
rexology - July 23, 2013 at 9:23pm
It's the new hype he is supporting. The idea of Hacking, and any affiliation to the infamous group, Anonymous, seems to be what he is supporting. Anonymous, is a group that will fight for people who cannot fight back. This on the other hand, should not be tolerated. Viber and Tango, like Whatsapp and other companies, are trying to grow a business from the bottom up. This group is basically chopping them down.
yulia
yulia - July 23, 2013 at 9:31pm
Supposedly they are spying on us and giving away information which is why I support them exposing the information like Anonymous.
yulia
yulia - July 23, 2013 at 9:32pm
The only reason I support them is because apparently viber is spying on us and reporting information. That is the only reason why I support what they are doing.
Excuse me?
Excuse me? - July 24, 2013 at 12:09pm
Yulia, I understand what you're saying, but I cannot agree. I wholly support whistleblowers, or individuals that break laws they believe to be unjust. But, and this is a big point, the people I mention have to accept the consequences and prove their intention to be honourable. The SEA has offered no proof of their claim of "spying", and until/unless they do, they're simple criminals. Just like that moron that hacked into Apple's developer center for "educational reasons". There seems to be a societal trend, mostly amongst the younger generation, that worships the "Robin Hood" facade that hackers cultivate for themselves... I'm referring to the hype that rexology mentioned above. While I understand that as a reaction to the transgressions of corporations and governments, it saddens me that for the most part it is really the same thing but for another side, instead of a shift toward ethics, responsibility, and accountability. Hurting (hacking) for the sake of hurting is not right. Disclosure of wrongdoings is right.
rexology
rexology - July 24, 2013 at 2:41pm
"Apparently" will not hold water. "Apparently" will not hold up in court either. It doesn't matter why the Hackers did what they did to Viber and Tango. Without sufficient proof of the matter, these hackers are just vigilantes without any real cause. "1.5B User Data Compromised..." These users are regular people who work and pay bills and sht....if anything, the hackers are the ones who are capable and probably are spying on us.
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
Where to Download macOS Ventura
Where to Download macOS Sequoia
AppleTV Firmware Download Locations
Where To Download iPad Firmware Files From
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS