The support site for the popular chat application Viber appears to have been hacked today by the Syrian Electronic Army, with their support page defaced and an extract from their user database extracted. In a statement made on the defaced page, the SEA wrote:
Dear All Viber Users,
The Israeli-based “Viber” is spying and tracking you
We weren’t able to hack all Viber systems, but most of it is designed for spying and tracking
Screenshot of a hacked system:
The Phone numbers of Viber administrators:
[personal data redacted]
Some backups were downloaded successfully.
The move marks a turn in strategy for the pro-government hacking group, with their previous moves including hacking Twitter accounts and defacing Sky apps. The exact data taken by the hacking collective is as of yet not clear, and Viber have not yet issued a statement on the matter. We’ll update this post when we hear more.
Update – Techcrunch have found the official statement from Viber
Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.
It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.
We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.