Forgot your password?
typodupeerror
Security Communications Privacy

VOIP Provider Viber Attacked By Syrian Electronic Army 33

Posted by Unknown Lamer
from the bad-hackers dept.
An anonymous reader writes "The hacking group known as the Syrian Electronic Army have hacked into Viber, defacing its support website, and posting what they claim is evidence of surveillance by the free phone-messaging app. The Syrian Electronic Army posted a message claiming the 'Israeli-based Viber is spying and tracking you' alongside what appeared to be a screenshot of an internal Viber database containing users' phone numbers, device UDIDs, IP address, operating system, and Viber version information." Viber is saying the attack was minor: "...the hack only allowed access to two minor systems, a customer support panel and a support administration system. According to the company's official response, 'no sensitive user data was exposed and Viber's databases were not "hacked."' Apparently, an employee simply fell victim to a phishing attack.
This discussion has been archived. No new comments can be posted.

VOIP Provider Viber Attacked By Syrian Electronic Army

Comments Filter:
  • From Wikipedia,

    Viber Media is a Cyprus-based company with development centers in Belarus and Israel. The company was founded by American-Israeli entrepreneur Talmon Marco.

    From that, you can surmise how many different governments are likely to have access to its call "metadata".

    • Re: (Score:3, Insightful)

      by mrmeval (662166)

      Considering the shit this administration has pulled against the Israeli's I think they'd hand them shit and more shit. Why should they make them look good by giving them any intel?

  • by Anonymous Coward

    ...should be point-to-point and use encryption. Anything else is a major design flaw.
    This whole cloud business needs these types of attacks to show what a bad idea it is.

  • "free phone-messaging app" is all anyone should need to know to recognize something as a surveillance tool.
    • by Nerdfest (867930)

      Yeah, but don't let the fact that you pay for it lull you into a false sense of security. If you don't control the encryption keys (and really, have access to the source) you should be suspicious. Don't think your text messages are intercepted?

      • by longk (2637033)

        Every router on the internet is an interception device. Interception doesn't necessarily mean spying. But yes, I get your point. Of course everyone who legally can will harvest and exploit data. To think otherwise is naive.

  • i'm just curious. are we talking about an army of just a few talented hackers here? or is there a list of members as long as that list that they defaced the homepage with?
  • by Nermal (7573) on Tuesday July 23, 2013 @06:24PM (#44366473) Homepage

    Someone please explain how a VOIP service is supposed to work /without/ a table associating numbers with UUIDs, software versions, etc? *eyeroll*

    • by longk (2637033)

      I dunno, my SIP phone works just fine without all this information.

      • by Anonymous Coward

        Your SIP provider surely has a table identifying you to route calls, and your phone surely sends its software version when it connects. Certainly every SIP server software I've seen can list this too. Without some sort of provider to connect to, your SIP phone will be very quiet.

  • by Anarchduke (1551707) on Tuesday July 23, 2013 @11:31PM (#44367871)
    The name reminds me of groups like the People's Front of Judea [facebook.com]

The sooner all the animals are extinct, the sooner we'll find their money. - Ed Bluestone

Working...