In April 2015, hackers with unauthorized access to the SMSGlobal systems sent more than 4 million messages reading, “Our motto forever Death to America, Death to the Jews,” to phone numbers in the Middle East, the Guardian reported on Tuesday. However, SMSGlobal managed to block the vast majority of these messages, with only about 5,000 reaching mobile numbers in the United Arab Emirates.
The identity of the hackers is not known. The Guardian obtained a letter from SMSGlobal to the Dubai telecommunications company DU, reporting the fact that text messages had been received with “malicious content” originating in several accounts: “SMSGlobal makes note that an attempt to send in excess of 4 million SMS messages to +971 UAE numbers was attempted through the compromised accounts,” the letter said.
The letter attributed the partial success of the hackers to their “use of a brute force attack” to reach the few accounts they did to a “number of vulnerabilities.” Customers’ passwords were not encrypted in the SMSGlobal database, user account names were too simple, and the system no longer supported code from an earlier platform.
The letter admitted “there is a risk of brute force attacks continuing and more so that other legacy account credentials may have been compromised. That said, SMSGlobal believes that by adding a number of additional security measures we can stop this from happening and/or any SMS from being sent through these attacks.”