Skype has its blog and Twitter account hacked by Syrian Electronic Army

Graham Cluley

SkypeOh dear oh dear oh dear.

It may be a brand new year, but clearly the Syrian Electronic Army are not turning over a new leaf – with Skype the latest victim of the notorious hacking group.

Earlier today, the Skype blog was compromised by the SEA, who posted a series of messages.

Hacked Skype blog

Skype’s official Twitter account, followed by over three million people, was also hijacked by the hackers who posted a series of messages related to the ongoing NSA surveillance controversy.

Hacked Skype account

Don’t use Microsoft emails (hotmail,outlook). They are monitoring your accounts and selling the data to the governments.

That’s particularly embarrassing, of course, when you remember that Skype is actually owned by Microsoft.

Chances are that Skype didn’t read my New Year’s resolution advice about not using the same passwords for multiple accounts.

In all likelihood, the publicity-seeking Syrian Electronic Army managed to trick Skype’s social media team into handing over a password via a targeted phishing attack, unlocking both access to the service’s blog and Twitter account.

(There are also reports, by the way, that Skype’s Facebook page was also compromised briefly – which adds more fuel to the fire that Skype screwed up by committing the cardinal sin of using the same password for different sites).

Alternatively, it’s possible the SEA managed to phish the password for a Skype employee’s email account, and from there gathered information about how to log into the various social media accounts.

Maybe Skype’s team would be sensible to investigate solutions such as two factor authentication, and ensure it is using unique passwords in future.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES