Skype social media accounts including their Twitter account, Facebook page, and blog were hacked by a group claiming to be the Syrian Electronic Army (SEA). Athough Skype gained control of their accounts and deleted the SEA's posts, the SEA tweeted in their own account this message:
Don't use Microsoft emails(hotmail,outlook),They are monitoring your accounts and selling the data to the governments.http://blogs.skype.com/2014/01/01/dont-use-microsoft-emails-hotmailoutlook-they-are-monitoring-your-accounts-and-selling-the-data-to-the-governments/ …Apparently, Edward Snowden and his release of NSA secrets, which impacted 2013 like no other story (except maybe ObamaCare) will continue to impact 2014. What I find amazing is that the SEA hacked two different social media accounts plus Skype's blog web server. I'm curious... Did the SEA spend months hacking all three accounts until they found all the credentials and then waiting for the perfect opportunity to strike? Does Skype use the same credentials on all three websites and thus their 'hypothetical' laziness in creating unique passwords caused all three to be vulnerable? Or does Skype have a saboteur working within their organization that is a Syrian Electronic Army sympathizer and they know all the credentials and provided them to the SEA?
I find it hard to believe the SEA figured out the username and password for two major social networks and their own blog server purely by brute-force password guessing. I'm betting both Facebook and Twitter eventually lock out an account after certain number of failed attempts. I also doubt the SEA discovered vulnerabilities in two major social networks and a blog server. Perhaps "human" social engineering was employed to gain access?
Further, I know Facebook offers two-factor authentication, which sends a code via SMS to your registered mobile phone device. Twitter also offers two-factor authentication. I don't know how the SEA did it, but perhaps Skype should turn on this feature and this hack wouldn't have happened.
Via The Next Web