Viber Attacked By Syrian Electronic Army

Viber has confirmed a situation earlier this morning in which Viber appeared to have been hacked by the Syrian Electronic Army (a pro-government group of computer hackers aligned with Syrian President Bashar al-Assad).

AppleSpot originally reported on the hack that affected the Viber support page, though it was unclear the extent to which hackers accessed Viber systems.

Viber has now clarified that the hack only allowed access to two minor systems, a customer support panel and a support administration system. According to the company’s official response, “no sensitive user data was exposed and Viber’s databases were not ‘hacked’.”

The company did not confirm whether the attack came from the Syrian Electronic Army, though the hacker group does take responsibility for the hack. Viber did, however, claim that the hack was the product of a phishing attack that was carried out against one of their employees.

Here’s the official statement:

Today the Viber Support site was defaced after a Viber employee unfortunately fell victim to an email phishing attack. The phishing attack allowed access to two minor systems: a customer support panel and a support administration system. Information from one of these systems was posted on the defaced page.

It is very important to emphasize that no sensitive user data was exposed and that Viber’s databases were not “hacked”. Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system.

We take this incident very seriously and we are working right now to return the support site to full service for our users. Additionally, we want to assure all of our users that we are reviewing all of our policies to make sure that no such incident is repeated in the future.

The hack took down the Viber support page, and replaced it with the following message and a screenshot of the hack.

Dear All Viber Users,

The Israeli-based “Viber” is spying and tracking you

We weren’t able to hack all Viber systems, but most of it is designed for spying and tracking

viberhack

viberhack2

The above screenshot (within the screenshot) was meant to act as proof that the hackers did in fact access Viber’s databases. We also looked at their released files to confirm their claims (second screenshot).

As you can see, the hackers were able to access information such as phone number, UDID (a Viber-specific UDID, not the one Apple provides — see the update below), country, IP address, device type, OS OS type, OS version, registration date, most recent update, and push token. Viber has again iterated that this screenshot is of an admin dashboard, not a database.

Viber also took the opportunity to respond to accusations of spying:

Viber, like many other companies such as Microsoft, Cisco, Google, and Intel maintains a development center in Israel. It seems like this caused some people to come up with some pretty bizarre conspiracy theories.

It goes without saying, that these claims are completely without merit, and have no basis in reality whatsoever.

Viber is a free messaging and calling service based out of London, with development centers in Israel, with over 200 million users globally.

Update — Viber has followed up with more details on the data that was accessed:

The data is quite basic – we want to know when user registered, where from (country), device type (helps us understand who uses Viber, detect problems, etc), UDID is an internal ID (not the Apple UDID), push token is used to communicate with users (but cannot be used by a 3rd party), etc. While this is not the most sensitive data (message content, address book, etc), we are disappointed that hackers were able to gain access to these systems. We are working, as we speak, to make sure that this will not happen again.

The system that was breached is our CSR (Customer Support). Supporters need access to this data to help users with various technical issues. Most app developers would provide their supporters with similar data.

We will continue to update this story as more information becomes available.