Skip to main content

ITProPortal hacked by Syrian Electronic Army

The Syrian Electronic Army (SEA) has once again claimed responsibility for a cyber-attack against a major website, in order to spread its anti-American message. But this time, the target was a little closer to home than we were used to. That's right: today ITProPortal has become the latest in a string of high-profile hacks by the Syrian Electronic Army (SEA).

The SEA rose to notoriety after hacking the White House last year, as well as a Twitter feed belonging to President Barrack Obama, and more recently Skype, which was hacked at the start of January. Microsoft also felt the burn at the start of 2014, and at the time, the SEA warned the Redmond giant to "stay tuned for more."

Apparently, ITProPortal's borderline obsessive coverage of the group's activities seems to have got the attention of the SEA.

Around 23:47 GMT on 31 March, visitors to ITProPortal began to notice disturbances. Access to some pages related to the SEA was restricted, with 404 error pages meeting anyone who attempted to access them from Google or elsewhere on the site.

There were also intermittent service issues disrupting traffic across the site. We believed at the time that this may have been a crude distributed denial of service (DDoS) attack. But as we frantically struggled to get our site back online, social traffic began to flood in about a potential hack on ITProPortal, and we realised the true gravity of the problem.

As the clock passed midnight, that's when the real problems began.

"WTH," one commentator tweeted. "The itproportal logo is replaced with doge!! When did you guys chaneg it?" [sic]

Nobody had changed it. Not on the ITProPortal team, anyway. When we managed to get the site to load, we saw that the ITProPortal banner at the top of the site had been replaced with a crude imitation made in a doge meme generator.

When we attempted to gain access to the back-end to fix the problem, none of our passwords worked. That's when we knew we were in for some serious trouble.

We watched helpless all today as the site we love was torn down about our ears. Fake news stories began to crop up, making outlandish claims and spreading disinformation among our usually immaculately-informed readers. PR representatives and press liaison from just about every major company began phoning in, asking us why these untrue stories were being published.

All we could do was watch and wait as our web development team scrambled to regain access to the site.

That's when the hackers got into our staff "About Us" page.

This was serious. No one messes with our staff pages and gets away with it! As the day wore on, and more and more fake stories appeared on the site, the SEA finally broke their cover and admitted to being behind the hacks.

At 08:23 GMT the SEA posted the following tweet to their official account:

We didn't know what we were more angry about: the devastating hacking of our beloved site, or the misspelling of our name to "ITProProtal". We comforted ourselves with the fact that they had not, at least, mistaken us for our bitter rivals, IT Pro.

By the time access to our accounts was returned at the end of the morning, the site was in tatters. It has taken many hours to return all parts of ITProPortal to their previous pristine state, and remove all of the misleading news stories from circulation.

In response to the attacks, we have also decided to undertake a complete security overhaul of the site. Everyone on the team has been asked to make their passwords more secure by adding a "1" on the end. They have also advised to choose a password from our list of most-used passwords, such as "123456" and "password" in an effort to double-bluff potential cyber-criminals.

We sincerely apologise to any of our readers who were affected by the hack, and any who fell for the maliciously-posted news stories.

There's another thing to add. The SEA recently published the emails of three Microsoft employees after hacking the company's accounts back in January. We at the ITProPortal team sincerely hope that none of our email accounts have been compromised. However, we trust that our readers will understand that anything released claiming to be genuine correspondence from the team is a lie, and the kind of spurious accusations that might follow such a release will merely be the kind of malicious character assassinations that so often





LOLLOLOLL W3 R T3H HAXX0RZ & WE HACK3D U AGEN!!!!!!!!!!!!!!!!!!!!!!!!!! SEE U N3XT APRIL!!!!!!!!!

أبريل سعيدة تنطلي اليوم الجميع. نأمل أن تكونوا قد المرح، ولم يحصل الخلط جدا. لا تنزعج لمزيد من التعليق والتحليل