Viber has been hacked by the Syrian Electronic Army

Viber - the popular VOIP messaging app beloved by iPhone and Android users - hasn't acknowledged the problem yet, but it has a major security problem going on right under its nose.

The notorious Syrian Electronic Army has claimed credit for an attack against the free phonecall and texting app's website, which has resulted in Viber's Support and Knowledgebase website being commandeered by the hacking group, and private data about users published on the web.

The news of the Viber hack comes only days after the same cybercriminals managed to steal details of millions of Tango users, another mobile messaging app.

Viber's support website at currently looks like this:

Defaced Viber webpage

Clearly it can no longer be considered under the control of Viber itself.

Part of the message on the defaced website reads:

Hacked by Syrian Electronic Army

Dear All Viber Users,

The Israeli-based "Viber" is spying and tracking you

We weren't able to hack all Viber systems, but most of it is designed for spying and tracking

Screenshot of a hacked system:

Embedded within the defaced webpage is a link to a screencapture of what appears to be an internal database by Viber employees showing users' phone numbers, device UDID, country, IP address, operating system and version, first registration to Viber, and what version of Viber they are using.

Viber database

I've blurred out the information in the above screenshot, but the hackers made no such attempts to protect users' privacy.

In the example posted by the Syrian Electronic Army, the phone numbers all have the international dialling code of 963 - the code for Syria.

In addition, at the bottom of the defaced webpage, the hackers published the names, phone numbers and email addresses of Viber administrators.

This is obviously highly damaging to Viber.

My guess is that the Syrian Electronic Army was able to trick a member of Viber's staff into handing over their username and password (possibly via a phishing attack), and the hackers were then able to use this information to crowbar their way into Viber's internal systems, with damaging results.

The Syrian Electronic Army is very happy to put the boot in, it seems, tweeting out:

SEA tweet

Warning: If you have "Viber" app installed we advise you to delete it

Earlier this year, Viber announced that it had over 200 million mobile users.

There is currently no mention of the security issue on Viber's Twitter or main website.

A Viber spokesperson got in touch with me, and gave me the following statement:

"Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.

It is very important to emphasize that no sensitive user data was exposed and that Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.

We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future."

In addition, I was told that the UDID displayed on the screenshot is not the device UDID, but instead an internal Viber ID number.

Viber is understandably trying to calm users about the security breach. But the fact remains that the Syrian Electronic Army succeeded in getting unauthorised access to data held in Viber's support systems, and was able to access (at least some) users' phone numbers and users' IP addresses.


15 Comments on "Viber has been hacked by the Syrian Electronic Army"

July 23, 2013 5:45 pm

The hacked page is still up. I'm happy they are not collecting messages at least if they hacked everything. Still surprised Syria has a decent hacking team considering they are in a civil war.

Nick Braak
July 23, 2013 6:15 pm

I agree that based on their past achievements phishing is the most likely attack vector.

Why break locks and make a mess when you can open the door with a key. (Old Syrian proverb) :-)

Jamie Edwards
July 23, 2013 7:15 pm

Hi Graham,

Jamie here from Kayako (Viber's helpdesk vendor). We're working closely with Viber to figure out what has happened. At this time it looks as though this attack, with respect to our platform in general, was isolated. Obviously, we're combing through things.

July 24, 2013 1:52 am

What a garbage piece of alarmist reporting!

I would greatly like to know how a "Veteran" in the software industry could look at this news feed, and not see that this is some of the most basic data a company would need to both market their product, and support their users.

Not to mention support options like push messages to an application that is not wholly integrated by the OEM.

Yes the company had a portion of the system hacked; That's Bad! I fully admit.

Your alarmist, one-sided, non-technical write-up is utter trash and a total disappointment from a veteran reporter and coder.

July 24, 2013 2:04 am

No doubt Al-Assad's hackers consider this a great victory not only because it's -like Tango- a VOIP app which is used by many activists (sometimes even freedom-fighters)…… but because it's also founded by an Israeli which really helps in their propaganda ….. I'm pretty sure that the ones who did this aren't Syrian, probably Russians or Iranians since both have personnel in Syria to help in various aspects.
However, I do believe that the ultimate goal for this group is no doubt Skype …… it's THE most used app by activists and the mere existence of this app on your mobile phone or PC in Syria might lead to detention and sometimes torturing to death

Motti Shneor
July 24, 2013 7:35 am

As an Israeli developer of Audio/Video conferencing tools, and a friend of several Viber workers, I feel a little embarrassed about such hacking and exposure of client data.

However, please remember that the pieces of software that were hacked were NOT Viber code — almost certainly Microsoft code. IT tools, Web servers etc.

My personal belief is that the world of IT is so over-complicated and so bloated, just to feed those hordes of IT personnel, that there MUST always exist a hole somewhere.

What I don't like about this report is that IT TAKES NO SIDE. Were it a more physical terrorist attack, the adjective used for the "organization" would not be "notorious".

Generally speaking, wherever there is something to take — someone will attempt to take it. Same on the internet. An important part of fighting against crime is to denigrate it.

Where are you Mr. Graham Cluley? Are you on the side of attackers, or the victims? You too use technology that is prone to such attacks. Would you want your own personal information to be used maliciously?

Of course Viber, Apple, Microsoft and all other software providers must work harder to make their systems more secure. But the real effective way against such crimes is to educate children against it, in much the same way you teach them not to throw stones at the neighbor's windows.

July 24, 2013 12:42 pm

I'm an official representative from Viber.

As explained in the article, no sensitive user data was exposed and Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.

We are reviewing all of our policies to make sure that no such incident is repeated in the future.

If you have any more questions/doubts, please feel free to let us know 

The Viber Team.

August 20, 2013 3:51 pm

Since the Wikileaks revealed lots of reality. So this would also be a plus point for them that Viber is also spying on users.

August 20, 2013 3:59 pm

Hi Viber Team,
Since the Wikileaks and their friends revealed lots of reality. So this would also be a plus point for them that Viber is also spying on users. Do not give us the explanation that you're not spying on users. I am definitely going to delete the Viber app and I'll use another VoIP app.

November 25, 2013 1:34 pm

I use the Viber app on my iPhone. I found out last August that much personal information, sent/received files and communication I had over Viber were somehow copied and downloaded by a third party (hackers). An email was sent to me with an Excel file that included chat history, including specific times and contacts' phone numbers. Personal picture files sent over Viber were also sent in a separate email. I have tried to contact Viber through their support email but unfortunately got no reply. What happened is still bugging me and I require an explanation of how this happened. I am willing to share more details to help unravel how this happened and the people behind it.

November 30, 2013 2:06 am

Would like to see a follow-up to all of this…. There's no real info on the net stating that Viber has been strengthened against attacks, or if it's still at risk. Until then, I have uninstalled it, and am not recommending it. Anyone have more current info on this – Mr. Cluley?