A hacktivist group loyal to Syrian president Bashar al-Assad claims it has hacked into systems behind the Viber...
mobile Wi-Fi calling and messaging app.
The Viber app mobile has more than 200 million users.
The claim comes just days after the Syrian Electronic Army (SEA) said it had stolen millions of users’ details from users of video and text messaging app Tango, which has 120 million registered users.
The SEA rose to prominence earlier in the year when it carried out attacks against Western media organisations, including the BBC, Associated Press, the Financial Times and the Guardian.
In the latest attack, the group tweeted: "If you have 'Viber' app installed we advise you to delete it."
The hacktivist group is claiming responsibility for breaching Viber's database and defacing its website, according to The Hacker News.
Read more about hacktivism
- Hacktivists target MP's website
- Ghost Shell hacktivists publish over a million credentials
- The hacktivist threat to enterprise security
- UK hacktivist cases should spur business to action, says lawyer
- Security intelligence firm Stratfor investigates hacktivist attack
- RSA 2012: Forget about hacktivists, say security experts
- Probing Anonymous hacktivists a serious challenge for researchers
- Anti-ACTA hacktivists attack Polish government sites
- 2012 Verizon DBIR: Hacktivists make impact on data breach statistics
- Website weaknesses at fault in T-Mobile hacktivist attack
Viber's support page on its website was modified to display a banner that said, "Hacked by Syrian Electronic Army" and a note that said, "Dear All Viber Users, the Israeli-based 'Viber' is spying and tracking you."
The page was immediately withdrawn and was still not available on Wednesday morning.
Viber is an app that lets users call and message via Wi-Fi for free. In May, it announced that it had more than 200 million users spread across 193 countries.
The company behind the app confirmed to TechCrunch that its website had been defaced, but said that sensitive user information was not stolen.
Viber said in a statement that it had been the target of an email phishing attack that enabled attackers to access two "minor" systems – a customer support panel and a support administration system.
But the company denied that Viber’s databases had been hacked and said no sensitive user data had been exposed.
“Sensitive, private user information is kept in a secure system that cannot be accessed through this type of attack and is not part of our support system,” Viber said.
Viber said it is reviewing all its policies to make sure no such incident is repeated in the future.
Last weekend, the SEA said it hacked into Tango's backup database and downloaded users' private phone numbers, contacts and emails. It posted screenshots that appear to support the claims.
The SEA said it would give much of the information to the Syrian government, but did not say why Tango had been singled out for attack.
Security experts said the motive may be as simple as the fact that the site uses an outdated version of the WordPress content management system, which is relatively easy to compromise.
The US-based TangoMe confirmed a security breach, tweeting: "Tango experienced a cyber intrusion that resulted in unauthorised access to some data. We are working on increasing our security systems."
The SEA reacted angrily to a caricature of the Syrian president alongside an initial report of the Tango hack on The Daily Dot website, according to the BBC.
The group at first demanded that the picture be removed, but then hacked into the news site's administration system and deleted the entire article.