The Hacker News is reporting that communications app “Viber” has been hacked by the Syrian Electronic Army, a “pro-Assad hacker group”. In addition, their support webpage was defaced before the company took the page down. Support.Viber.com currently leads to a “403 Forbidden” page.
The webpage placed by the SEA stated:
Dear All Viber Users,
The Israeli-based “Viber” is spying and tracking you
We weren’t able to hack all Viber systems, but most of it is designed for spying and tracking
Screenshot of a hacked system: [screenshot]
It is unclear if the SEA is planning on using this information or if their sole intention was to expose the tracking information stored in Viber’s database. Each record in the database stores the UDID and IP address of each call, however, one may presume this information is stored for purposes other than tracking and spying on its own users (e.g. presenting the data to the proper law enforcement authorities upon request).
We’ve asked Viber to comment about the scope of the hacking and defacing and will update this post if new information arises.
Update: Viber has responded to our request for comment:
Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.
It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.
We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.
Update 2: The maker’s of Viber’s customer service helpdesk software Kayako have responded to the situation as well, noting that it is an isolated situation and the email phishing was the vulnerability that allowed for the hacking.
The security of our customers’ helpdesks and data is our highest priority. As Viber said in their statement, this looks to be an isolated compromise of an individual’s account. Even so, we have taken the precautionary measure of auditing our systems. At this time we have no reason to believe that any other Kayako system or customer has been affected and we will continue to monitor the situation.