Viber Gets Hacked by the Syrian Electronic Army


By: Ali Raza  |   July 28th, 2013   |   News

The free messaging and calling service, Viber, made it known on Tuesday, July 23rd that it has been hacked by the Syrian Electronic Army, a group of hackers that is aligned with the President of Syria, Bashar al-Asad. Viber also revealed in its official statement that the hack did not cause any serious damage and only two of their minor systems, a support administration system and a customer support panel got  affected in this phishing attack.

 

However, according to the London-based company that has its development centres in Israel, “no sensitive user data was exposed and Viber’s databases were not ‘hacked’.” But Viber did not confirm whether or not the attack was made by the Syrian Electronic Army even though the hacker group does claim the responsibility.

Below is the official statement that Viber released after the hack:

 

“Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.

 

It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.

 

We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.”

 

Later Viber issued further update on the hack:

 

“The data is quite basic – we want to know when user registered, where from (country), device type (helps us understand who uses Viber, detect problems, etc), UDID is an internal ID (not the Apple UDID), push token is used to communicate with users (but cannot be used by a 3rd party), etc. While this is not the most sensitive data (message content, address book, etc), we are disappointed that hackers were able to gain access to these systems. We are working, as we speak, to make sure that this will not happen again.

 

The system that was breached is our CSR (Customer Support). Supporters need access to this data to help users with various technical issues. Most app developers would provide their supporters with similar data.”

 

On the other hand, here is what hackers wrote after taking down the support page of Viber:

 

“Dear All Viber Users,

 

The Israeli-based “Viber” is spying and tracking you

 

We weren’t able to hack all Viber systems, but most of it is designed for spying and tracking.”

 

The popular calling messaging app also responded to the accusations of hackers by saying that:

 

“Viber, like many other companies such as Microsoft, Cisco, Google, and Intel maintains a development center in Israel. It seems like this caused some people to come up with some pretty bizarre conspiracy theories. It goes without saying, that these claims are completely without merit, and have no basis in reality whatsoever.”

 

Source: Techcrunch

Photo: Softonic

Leave a Reply

Your email address will not be published. Required fields are marked *