ITV London hacked on Twitter. Syrian Electronic Army strikes again

Graham Cluley

The Twitter account of ITV News in London was hacked late yesterday by members of the Syrian Electronic Army, as the following screenshot shows:

ITV London hacked

As I warned earlier this week, Twitter’s introduction of two-factor authentication is unlikely to stop the wave of high profile hacks of the network.

Chances are that ITV London was struck in the same (unsophisticated but effective) way as previous victims of the SEA – with employees targeted by forged emails, which lead to a fake login page that steals their usernames and passwords.

Once the SEA have crowbarred their way into their intended targets’ network, they can send further emails to other staff, hoping to scoop up more usernames and passwords and dig out credentials to hijack Twitter accounts and post embarrassing tweets in the organisations’ name.

In recent weeks, the Syrian Electronic Army have broken into online accounts belonging to the likes of The Guardian, Associated Press, CBS, FIFA and the BBC, resulting in Twitter issuing a warning to all media organisations to take greater care over their security.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.