BBC News

Sky apps defaced by Syrian Electronic Army hackers

image captionThe hackers posted several messages to one of Sky's Twitter feeds after defacing its apps

Several of Sky's Android apps have been removed from the Google Play store after they were targeted by the Syrian Electronic Army hacking collective.

It follows an attack which saw the logos of six of the UK broadcaster's apps replaced by that of the SEA.

The hackers also breached one of the firm's Twitter accounts, allowing them to post messages urging users to view the defaced programmes.

Targeting apps in this manner marks a new strategy for the group.

Its efforts have previously focused on taking over social media accounts used by the media and western political leaders, and publishing what are claimed to be leaked emails and other files from countries in the Middle East identified as "Syria's enemies".

Israeli newspapers also reported over the weekend that the SEA had mounted a failed attempt to disrupt the water supply in the port city of Haifa.

Defaced apps

The SEA says on its website that its members are supporters of Syrian President Bashar al-Assad, but deny they operate under the orders of his government.

Over recent weeks their victims have included the BBC, Daily Telegraph, Financial Times, Guardian, E! Online, the Onion, CBS News, Associated Press, the US's National Public Radio (NPR) and the football governing body Fifa.

On Friday, ITV - the UK's largest commercial broadcaster - joined that list when its @itvlondon Twitter account was hijacked and used to post fake news stories. The company confirmed it had been duped by a phishing attack suggesting one of its employees had been fooled into clicking a malicious link.

The SEA followed this with the attack on Sky on Sunday.

The company's Sky News, Sky Sports News, Sky Sports Football, Sky WiFi, Sky+ and Sky Go apps were all affected. In addition to having their logos replaced, their descriptions were also altered to read: "Syrian Electronic Army Was Here".

The hackers subsequently posted a message to the firm's @SkyHelp Team account saying: "Both Sky+, SkyNews Android apps were hacked and replaced, please uninstall the apps", adding a link which took users to the Google Play page showing the affected software.

As of Monday morning, this and other spoof messages had not been deleted. Another Sky account stated that: "Due to a security breach Twitter has locked down @skyhelpteam & we are currently unable to tweet from it."

A spokesman for the company told the BBC it was working to reinstate its apps following the decision to take them offline.

The incident came days after Twitter announced it was introducing a two-step authentication process to help thwart further attacks. The security measure involves users entering a six-digit security code sent to their mobile phone account in addition to their password when they sign into the network.

Israel attack

image captionThe SEA had published claims about its attack on Haifa-based computers earlier this month

The SEA's latest action coincided with an allegation by one of Israel's leading cyber-defence experts that the group had tried and failed to sabotage Haifa's water supply.

The Jerusalem Post reports that Prof Yitzhak Ben Yisrael - chairman of the Science Ministry's National Council for Research and Development - said that the hackers had intended to damage computers controlling the northern city's infrastructure earlier this month.

He suggested the attack was a response to Israeli air strikes on Damascus.

The Times of Israel adds that both the city's mayor and the head of the local water company said they had not been informed about the incident before the weekend.

The SEA has previously posted a message to Pastebin claiming it had successfully penetrated computer servers used to control Haifa's urban management systems.

More on this story

  • Twitter tightens security after recent hacking spate