Skip to main content

'ISIS' Hijacks Military Twitter, YouTube Accounts

The flag of the Islamic state.

The flag of the Islamic state.

Someone purporting to be "ISIS" hijacked the Twitter and YouTube accounts of U.S. Central Command today (Jan. 12), but it's unlikely the miscreants did any lasting damage, or were affiliated with the Islamic State at all.

"ISIS is already here, we are in your PCs, in each military base," read one tweet posted to the @CENTCOM account and grabbed by Engadget before Twitter suspended the account.

MORE: Anonymous Retaliates for Charlie Hebdo Attacks

Two pro-Islamic State videos appeared to have been posted to the U.S. Central Command YouTube page before it was wiped clean, according to a screen grab by Gizmodo, which showed the two clips alongside older ones showing cockpit footage of American airstrikes.

One tweet linked to a Pastebin page that read like something written by a kid pretending to be the Islamic State.

"AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK. ISIS. #CyberCaliphate," it said. "In the name of Allah, the Most Gracious, the Most Merciful, the CyberCaliphate under the auspices of ISIS continues its CyberJihad. While the US and its satellites kill our brothers in Syria, Iraq and Afghanistan we broke into your networks and personal devices and know everything about you."

"You'll see no mercy infidels," it continued. "ISIS is already here, we are in your PCs, in each military base. With Allah's permission we are in CENTCOM now. We won't stop! We know everything about you, your wives and children. U.S. soldiers! We're watching you!"

Absent were any Arabic or Islamic terms beyond those with which an American who kept up on news would be familiar, or even the term "Islamic State." The group that now calls itself that dropped the ISIS name last June.

The posting also included links to what were said to be "confidential data from your mobile devices." Several websites that downloaded the documents said they appeared to be mostly older, publicly available Pentagon materials.

Hijacking organizational social-media feeds is usually a matter of obtaining — or guessing — usernames and passwords, credentials that are often shared among several people responsible for updating the account.

Previous Twitter hijacks by the Syrian Electronic Army (no friend of the Islamic State) involved phishing emails to staffers of the targeted organizations. All it takes is one person with access to the credentials to fall for the trick and give up the goods.

"While strong multifactor login controls exist, it is normal for shared PR accounts like this to lack that additional layer of security, making them an easier target," Trey Ford, global security strategist at Boston online-security firm Rapid 7, said in an emailed statement.

Ford additionally warned against downloading any of the purported stolen documents, worried that they may be "part of a targeted malware campaign targeting military analysts and their families."

Unlike the Syrian Electronic Army, the Islamic State has not been known to hijack its adversaries' social-media accounts.

A military spokesman told The New York Times that the Pentagon was addressing the issue.

U.S. Central Command is the cross-service Pentagon command that oversees all American military activity in the Middle East and Central Asia, including Iraq, Afghanistan and Pakistan.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and gaming. Follow him at @snd_wagenseilFollow Tom's Guide at @tomsguide, on Facebook and on Google+.