The support site of the popular application Viber was defaced by Syrian Electronic Army and claimed they was able to extract users on the “partial database”.
Hackers wrote in the deface page:
Dear All Viber Users,
The Israeli-based “Viber” is spying and tracking you
We weren’t able to hack all Viber systems, but most of it is designed for spying and tracking
Screenshot of a hacked system:
The Phone numbers of Viber administrators:
Some backups were downloaded successfully.
Viber has not yet issued an announcement about this issue, but we will update you very soon.
And looks like they are currently fixing the site while I’m writing this article. 🙂
Update: Viber said that no sensitive data is hacked and the hack only accessed two minor systems, the one of customer support panel and support administration system. It was a phising attack wherein an employee fell into.
Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.
It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.
We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.