Cyber Incident Victim: Endurance International Group

On March 31, 2015, the Syrian Electronic Army (SEA), a pro-Assad hacker group, publicly claimed responsibility for compromising the control systems of five web hosting services under the Endurance International Group: Bluehost, Justhost, HostGator, Fastdomain, and Hostmonster. The attackers alleged these companies supported terrorist websites, specifically citing Islam-Army.com—a site registered through Fastdomain and hosted on Bluehost servers—as an example of prohibited content. The SEA breached administrative control panels, enabling potential widespread disruption, though the full extent of operational damage remained unconfirmed. Concurrently, the group hijacked Bluehost’s official Twitter account, posting messages aligned with their claims before Endurance Group regained control hours later. The hackers published screenshots of compromised hosting dashboards as proof of access and threatened future attacks involving DNS manipulation to take all hosted websites offline.

Endurance Group acknowledged the Twitter compromise in a statement, classifying it as “cybervandalism” and confirming account recovery within hours. The company emphasized ongoing investigations and implementation of “appropriate security measures” to safeguard its platforms but did not disclose technical details about the control system breaches or confirm data or service impacts. None of the affected hosting brands commented publicly via their Twitter channels following the incident. The SEA reiterated its intent to target infrastructure supporting perceived terrorist entities while denying financial ties to the Assad regime. Islam-Army.com became inaccessible post-attack, though archived copies reflected the SEA’s defacement message. No further disruptions to Endurance Group’s services or additional DNS changes were verified at the time of reporting.