Over the last few days two popular VOIP apps, Tango and Viber, had their servers breached that compromised customer data and support sites.
The Syrian Electronic Army (SEA), a pro-Assad hacker group known for hacking Western websites, typically defacing and trying to push Syrian propaganda, have claimed responsibility. The group has claimed responsibility for hacking The Onion and The Guardian’s Twitter accounts among others.
The attack on Tango came on July 19th and involved accessing one of their backup servers.
SEA claims to have stolen user numbers, emails, and contact information. The SEA has posted images of a Tango server directory and app log, also claiming to have access to 1.5 terabytes of user content.
Tango has acknowledge being compromised, sending out a Tweets notifying customers and apologizing.
The attack on Viber consisted of defacing a Customer Support page along with stealing app related database information. On SEA’s website they’ve posted a screenshot of a Viber system’s data that contains information related to phone numbers like UDID, IP and device OS. They’ve also released names and phone numbers of Viber app administrators.
In a statement to Security Consultant Graham Cluley, Viber pointed to an employee falling for a phishing scam that led to the security breach and claim no confidential data was compromised. They are working to remedy the security holes and have repaired their Support page.
Both Tango and Viber did not confirm SEA was behind the attacks.
The reason behind the attacks and exactly what data was actually stolen remains unclear.
In Viber’s case, if it actually was a phishing scam they are definitely in need of some internal security training.
If you use one of these apps I recommend changing your password to be on the safe side, unfortunately we have to put our trust in companies securing our data—this is one of those times where it didn’t work out.