The pro-Bashar Al Assad hacking group Syrian Electronic Army has hacked into the domain registry of world renowned online shopping and money transaction platforms Ebay and MarkMonitor which manages security for Paypal.
The hack was announced by SEA on their official Twitter account which shows that official websites of UK’s Ebay (ebay.co.uk) and Paypal (paypal.co.uk) were hacked and defaced. The group also left a deface page along with a message on the hacked Paypal UK site, expressed in following words:
- Hacked by Syrian Electronic Army! Fuck the United States Government.
An exclusive screenshot provided by SEA shows the hackers have admin access to MarkMonitor domain.
In other Tweets SEA said that it did not touch user data as ”the hack was purely hacktivist operation.”
It is unclear how SEA hacked both domains. However, hack is a high profile and has left a question mark over Ebay and Paypal’s security. During an exclusive conversation when we asked one of SEA’s official about the hack and what method did they used? The reply was:
- Paypal used a large amount of authentication and verification protocols so the attack required a lot more advanced techniques.
Another screenshot provided by SEA shows internal Paypal communication confirming the penetration:
At the time of publishing this article both sites were restored and working online.