One of the most popular free calling App "Viber" for smartphones got hacked and defaced their one of the subdomain i.e https://support.viber.com/ by Pro-Assad hacker group the Syrian Electronic Army.
SEA hackers also suggested Viber (an instant-messaging and VoIP service) users to uninstall the application because company is spying and tracking each user, recording IP address of each user in database as shown above, "Warning: If you have "Viber" app installed we advise you to delete it" they tweeted. Earlier this year, Viber announced that it had over 200 million mobile users.
Just today same hackers also managed to hacked into Daily Dot News website and deleted an article against them and last weekend Millions of Phone Book records were stolen from Truecaller Database by SEA.
Update : Just after announcing the hack publically, Viber administration team takes down the defaced domain. If you still want to see the deface page, please check Mirror of Hack.
Update: Viber has told TechCrunch how the attack happened; they say your data is safe:
Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.
It is very important to emphasize that no sensitive user data was exposed and that Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.
We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.
Just today same hackers also managed to hacked into Daily Dot News website and deleted an article against them and last weekend Millions of Phone Book records were stolen from Truecaller Database by SEA.
Update : Just after announcing the hack publically, Viber administration team takes down the defaced domain. If you still want to see the deface page, please check Mirror of Hack.
Update: Viber has told TechCrunch how the attack happened; they say your data is safe:
Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.
It is very important to emphasize that no sensitive user data was exposed and that Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.
We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.
Update : Viber representative commented on the The Hacker News's story, "no sensitive user data was exposed and that Viber's databases were not "hacked". Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system. We are reviewing all of our policies to make sure that no such incident is repeated in the future."
Update : Viber's helpdesk (support.viber.com) is using Kayako's customer service software, used by more than 30,000 organizations.
An official statement from Kayako to The Hacker News, "The security of our customers' helpdesks and data is our highest priority. As Viber said in their statement, this looks to be an isolated compromise of an individual's account. Even so, we have taken the precautionary measure of auditing our systems. At this time we have no reason to believe that any other Kayako system or customer has been affected and we will continue to monitor the situation."
Update : Viber's helpdesk (support.viber.com) is using Kayako's customer service software, used by more than 30,000 organizations.
An official statement from Kayako to The Hacker News, "The security of our customers' helpdesks and data is our highest priority. As Viber said in their statement, this looks to be an isolated compromise of an individual's account. Even so, we have taken the precautionary measure of auditing our systems. At this time we have no reason to believe that any other Kayako system or customer has been affected and we will continue to monitor the situation."
