SecurityWeek

Cyberwarfare

Pro-ISIS Hackers Compromise U.S. CENTCOM Twitter, YouTube Accounts

CyberCaliphate

Hackers supporting Islamic State jihadists briefly took control of the Twitter and YouTube accounts of the U.S. Central Command (CENTCOM), the Department of Defense confirmed Monday.


In the attack, hackers replaced the main banner for CENTCOM’s Twitter account with an image of a masked fighter along with the words “CyberCaliphate” and “I love you ISIS”.

The attackers Tweeted and posted a message to Pastebin saying, “You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about you, your wives and children. U.S. soldiers! We’re watching you!” 

The attackers also posted information and details on military personnel and photos, including a phone directory of officers, which some say is out-of-date and already publicly available.

“We can confirm that the US Central Command Twitter and YouTube accounts were compromised earlier today. We are taking appropriate measures to address the matter,” a Department of Defense representative said in a statement.

“CENTCOM’s operational military networks were not compromised and there was no operational impact to U.S. Central Command,” a CENTCOM news statement issued later in the day said.

“We are viewing this purely as a case of cybervandalism,” the statement continued. “In the meantime, our initial assessment is that no classified information was posted and that none of the information posted came from CENTCOM’s server or social media sites. Additionally, we are notifying appropriate DoD and law enforcement authorities about the potential release of personally identifiable information and will take appropriate steps to ensure any individuals potentially affected are notified as quickly as possible.”


The @CENTCOM Twitter account was suspended at the time of publishing, but the Department of Defense has regained control of the compromised accounts.

“The account compromised was timed with the release of a couple of sensitive documents on Pastebin, which appears to have been designed to intimidate US soldiers,” Trey Ford, Global Security Strategist at Rapid7, told SecurityWeek. “One thing to note: the Sony document dumps were laced with malware, and I expect these files may also be part of a targeted malware campaign targeting military analysts and their families.”

“This attack looks to be the same actors as the WBOC and Albuquerque Journal‎ attacks last week,” Ian Amit, Vice President at ZeroFOX, said. “The verbiage is the same, the behavior is the same, the hashtags are the same — all indicators suggest this is the same group. The full extent of the damage: 3 Twitter accounts and 1 YouTube account.”

“Much of this appears to be simply scare tactics,” Amit added. “All of the ‘leaked’ documents are in fact public domain, repackaged to look like a real data breach. These actors are trying to make themselves look more legitimate by threatening soldiers’ wives and claiming to have mobile access. In truth, they likely only stole a password, either through a phishing scam or a brute-force attack.”

On Sunday, European, US and Canadian security ministers said that increased Internet surveillance and tighter border checks were “urgently” needed to combat jihadist attacks of the sort that shocked Paris last week. 

U.S. CENTCOM promotes cooperation among nations, responds to crises, and deters or defeats state and non-state aggression.

One of nine unified commands in the U.S. military, CENTCOM has an area of responsibility in the central area of the world consisting of 20 countries, including Afghanistan, Iran, Iraq, Jordan, Kazakhstan, Kuwait, Kyrgyzstan, Lebanon, Oman, Pakistan, Qatar, Saudi Arabia, Syria, Tajikistan, Turkmenistan, United Arab Emirates, Uzbekistan, and Yemen.

The attacks against CENTCOM came just as President Obama gave an address and announced a series of initiatives designed to enhance the nation’s cybersecurity and privacy environment.

Related: ISIS Cyber Ops: Empty Threat or Reality?

Related: Social Media a Key Element for Terror Groups

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.
