Microsoft has been a popular target for the Syrian Electronic Army (SEA) over the past couple of weeks. After compromising Skype’s social media accounts earlier this month, the hacking group turned their attention to Microsoft’s official Office blog this week.
The latest attack took place just hours after Microsoft revealed a new design for the website. In addition to posting several articles on the site (titled “Hacked by the Syrian Electronic Army” and so forth), the group also took to Twitter to post screenshots of both the old and new administration panels.
The images show the old site used admin software from Telligent while the new site is allegedly running on WordPress, a popular blogging tool / content management system (CMS) based on PHP and MySQL. This would suggest the hackers had access to the system before the new design was introduced, perhaps waiting for the redesign to launch to gain maximum exposure.
The SEA further taunted Microsoft, noting that changing the CMS would not help if their employees are hacked and aren’t aware of it. It is believed that the hackers gained access to the blog and other social media accounts via simple e-mail phishing techniques.
In a statement on the matter, Microsoft said a targeted cyber attack temporarily affected the Office blog but the account has since been reset. What’s more, Redmond claims no customer information was compromised as a result of the security breach.
