Syrian Electronic Army Targets President Obama in Latest Hack

Add President Obama to the list of the latest high-profile hacks.

A handful of sites affiliated with the President’s nonprofit issue advocacy group, Organizing for Action, were compromised by a group of hackers on Monday morning, according to a number of Facebook and Twitter posts sent from the President’s accounts.

Multiple tweets sent from the @BarackObama handle linked to YouTube videos hosted by the Syrian Electronic Army, the hacking outfit claiming responsibility, as well as some links sent through the President’s Facebook fan page. The BarackObama.com page, managed by OFA, was also hacked last night for a matter of hours.

In order to send the false links, the SEA targeted some members of OFA, which manages President Obama’s Twitter and Facebook accounts. From there, the hackers took over the site’s custom URL shortener, redirecting any links sent out from the President’s social channels to the SEA YouTube links.

The Syrian Electronic Army has serially targeted the social media accounts of public-facing people and organizations over the past year, spreading messages in support of sitting Syrian President Bashar Al-Assad. In recent months, the group has hacked the social accounts of news outlets like the Associated Press, CNN and the Guardian, among many others.

The Associated Press hack, in particular, sent near-immediate reverberations through the U.S. financial markets, sending the Dow Jones Industrial Average plummeting by 130 points for a matter of minutes.

An Organizing for America spokesman declined to comment to AllThingsD. But according to a tweet from Huffington Post political editor Sam Stein, an OFA official said its URL shortener was indeed hacked, and “at no point did [the SEA] have access to the twitter handle.”

That would make sense, considering the content of the President’s tweets and Facebook status updates seem in line with the usual messages the accounts send out — only the links look to have been affected. This, despite the SEA claiming it commandeered the President’s social channels.

Twitter tentatively confirmed as much: “It appears a custom, third-party URL shortener which OFA uses to produce vanity URLs was compromised, not the Twitter account,” a Twitter spokesman told AllThingsD.

Update 3:36 p.m. PT: A Facebook spokesman responded to AllThingsD with the following: “The Facebook page doesn’t show any signs of compromise. Nonetheless, as a precaution we recommend all page admins enable Login Approvals, our two-factor authentication that provides an extra layer of security for your Facebook account.”

One tweet from the SEA also suggests that the group has accessed the email account of one Suzanne Snurpus, a woman affiliated with Organizing for Action, according to her Twitter account. The SEA sent a screenshot of Snurpus’s Gmail dashboard, depicting a number of email subject lines.

As of approximately 11:15 am PT on Monday, Organizing for Action looks to have re-taken control of its URL shortener, as links from @BarackObama no longer re-direct to SEA YouTube videos.