Hackers attack several 大象传媒 Twitter accounts

Image caption, The account was taken over by pro-Syrian hackers

Several 大象传媒 Twitter accounts, including its weather, Arabic and Radio Ulster feeds were hijacked by a group calling itself Syrian Electronic Army earlier.

A series of tweets about fake weather conditions in Middle Eastern countries began appearing on Thursday afternoon.

The accounts are the latest in a series of large corporate Twitter feeds to have been breached.

The 大象传媒 said that it now has control of all three accounts and all inappropriate content has been deleted.

A 大象传媒 spokeswoman said: "We apologise to our audiences that this unacceptable material appeared under the 大象传媒's name."

The attacks began in the early afternoon on Thursday. At the same time, 大象传媒 staff were alerted to a phishing email that had been sent to some 大象传媒 email accounts. It is not yet clear if the two are related.

The email contained a link that if clicked on could expose password details.

The 大象传媒 weather Twitter feed, which has 60,000 followers, was among those affected.

Alongside the standard tweets from the weather feed such as "'last night was chilly" some more bizarre comments began emerging.

They included: "Saudi weather station down due to head-on collision with camel."

Another read: "Chaotic weather forecast for Lebanon as the government decides to distance itself from the Milky Way."

The group claiming responsibility has previously spread messages in support of Syrian President Bashar-al-Assad.

The 大象传媒's Arabic and Radio Ulster feeds were also affected.

Faris Couri, 大象传媒 Arabic's editor-in-chief said in a statement: "Today at around 11.00GMT, 大象传媒 Arabic's twitter account @大象传媒ArabicOnline was hacked. Since then, several pro-Assad news tweets were published by the account.

"We strongly condemn such action and apologise to our audiences," he said.

Social engineering

The attacks on the 大象传媒 are the latest in a series of hacks on high-profile Twitter accounts.

Last month Burger King and Chrysler saw their Twitter feeds hijacked while a quarter of a million Twitter users had their passwords stolen.

"The 大象传媒 is an obvious place to attack as it a trusted brand and so anyone who wishes to broadcast a message can reach a audience that are likely to pay attention, certainly initially," said Prof Alan Woodward from the department of computing at the University of Surrey.

"The most likely source of the hack is via social engineering - someone managing to elicit the password by fooling the user who keeps the password," he added.

Increasingly experts are now calling for Twitter to step up security and offer two-factor authentication, essentially a disposable, single-use password for its users.

Writing about the hack on, security consultant Graham Cluley said it was unclear how the password had been cracked.

"The good news is that the hack doesn't appear to have been done with the intention of spreading malicious links or scams. Instead, it appears that the Syrian Electronic Army are trying to spread political messages about Syria instead," he said.

"You should always use hard-to-guess, hard-to-crack, unique passwords for your online accounts that you are not using anywhere else on the web."