On Monday, we learned that a Syrian hacker going by the online name of Ethical Spectrum hijacked the Facebook pages for Hay Day and Clash of Clans. It appears that he pulled off the attack after hacking the email account of an employee of Supercell, the Finland-based company that develops the games.
The hacker gained access to the Facebook accounts through social media management tool Ergagor. The CEO of Ergagor, Folke Lemaitre, has told Re/code that the hacker gained access to a Supercell employee’s email account.
He later used this access to breach “several private sources of information,” including the Ergagor app used by Supercell to manage the Facebook pages.
“Supercell acted quickly on this breach of security and informed Engagor. Engagor responded within minutes by closing down access to the account. At no time Engagor’s security as such was breached,” Lemaitre said.
The hacker has also published a screenshot that shows he had access to information on audience and revenue. However, the Syrian hacker says he hasn’t obtained any credit card information from Supercell.
As mentioned on Monday, Ethical Spectrum said he simply wanted to help the game development company secure its systems. Since his email, which he had sent to the company’s CEO, was ignored, he decided to exploit the security holes he identified.
Ever since news broke that Supercell was hacked, many gamers have been sending emails to the hacker asking him for virtual currency.
guys please i got million email about free gems
— Ethical Spectrum (@Eth_Spectrum) February 10, 2014
In addition to Supercell, Ethical Spectrum has also targeted an Indonesian hosting company called IDHostinger. However, the organization’s representatives are either unaware of the breach, or they’re locked out of their Twitter account, since it still contains the posts published by the hacker on Monday.