Syrian Electronic Army, a hacking group responsible for several visible attacks in the last few weeks, has evidently taken control of BSkyB's Sky apps in the Play Store, replacing the promo headers with SEA's logo, and the app descriptions with "Syrian Electronic Army Was Here."
In a tweet earlier, BSkyB warned its users to uninstall all Sky apps, as they "were hacked and replaced." Indeed, BSkyB's apk files were replaced by the hacking group.
UPDATE: All Sky's Android apps were hacked and replaced... please uninstall it, And we will let you know when it will be available
Sky Help Team (@SkyHelpTeam) May 26, 2013
Syrian Electronic Army, the group behind the infiltration, is also responsible for attacks on the Washington Post, Al Jazeera, Human Rights Watch, Financial Times, the Onion and many others (including Twitter accounts belonging to ITV and BBC Weather), and are "enemies of Anonymous," according to an interview reported on Vice. Earlier today, it was reported that the group attempted an attack on the water system in Haifa, a city in northwestern Israel.
So, how did the attack happen? The most likely answer is that the SEA somehow stole BSkyB's signing keys and the developer account password. If the signing keys were not compromised, the Play Store would not allow the apps to update. Depending on how this attack was executed, the implications could be quite considerable.
Any resolution would likely involve stopping use of the account, pulling the apps from the store entirely, and potentially force uninstalling them from users' devices.
When BSkyB will be able to resolve the situation is unclear, but we'll keep you updated as new details emerge.
Thanks, Paul!
No comments:
Post a Comment