Syrian hackers from pro-Assad group target LA-based online marketing firm who promote more than 700 firms on social media


comments

The Syrian Electronic Army is believed to be behind a cyber attack on a series of high-profile websites after exploiting an ad network that runs on the sites.

Visitors to the sites, including the Independent and the Daily Telegraph, saw random pop-up messages accompanied by a blank screen that says 'you have been hacked by the Syrian Electronic Army (SEA)'. 

The message appeared on websites for several UK newspapers, as well as CNBC and the National Hockey League. It also showed up briefly on some retail sites just as they prepared for the biggest shopping day of the year on Friday.

The Syrian Electronic Army is believed to be behind a cyber attack on a series of high-profile websites after exploiting an ad network that runs on the sites

The Syrian Electronic Army is believed to be behind a cyber attack on a series of high-profile websites after exploiting an ad network that runs on the sites

SEA is a state-sponsored organisation based in war-torn Syria that attacks public targets in order to gain publicity and promote its cause in the name of president Bashar Al-Assad.

It has previously taken credit for hacking sites including the New York Times, Huffington Post, the Guardian, Microsoft, Reuters and the BBC.

The latest cyber attack, which is thought to have potentially affected up to 700 firms, was based around an ad network that runs on the various sites. 

A Twitter account affiliated with the Syrian group posted an image that appeared to show it accessed the GoDaddy account of gigya.com, a company that helps businesses identify those who visit their websites.

Gigya counts the NFL, NBA and NHL professional sports leagues, and media outlets including the CBC, CBS, NBC, Forbes, CNN, al Jazeera and Fox among its customers. It was not immediately clear how many of them were affected.

In a blog post, Gigya CEO Patrick Salyer said the company discovered 'sporadic failures with access to our service'.

SEA has previously taken credit for hacking sites including the New York Times, Huffington Post, the Guardian, Microsoft, Reuters and the BBC

SEA has previously taken credit for hacking sites including the New York Times, Huffington Post, the Guardian, Microsoft, Reuters and the BBC

The executive said hackers had rerouted Internet traffic from Gigya's website to an outside computer server. That server generated the message saying that their site had been hacked by the SEA.  

The hackers rerouted Gigya's web traffic by tweaking the company's web address on Internet registry Whois.com so that it would point visitors to the outside server. 

Mr Salyer said the registry entry on Whois.com was fixed about an hour after the company detected the breach, and the executive sought to reassure the company's clients.

He said: 'To be absolutely clear: Neither Gigya's platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised,' he wrote.

SEA is a state-sponsored organisation based in war-torn Syria that attacks public targets in order to gain publicity and promote its cause in the name of president Bashar Al-Assad (pictured)

SEA is a state-sponsored organisation based in war-torn Syria that attacks public targets in order to gain publicity and promote its cause in the name of president Bashar Al-Assad (pictured)

The SEA posted on its Twitter feed, referring to Thursday's U.S. Thanksgiving holiday: 'Happy thanks giving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA'

A previous attack in June saw the Sun and Sunday Times fall victim to the online group.

For around 20 minutes, the Sun's website was replaced with a message that said: 'Stop publishing fake reports and false articles about Syria! UK government is supporting the terrorists in Syria to destroy it, stop spreading its propaganda.'

After hacking the Guardian in 2013, the group sent a spoof email to staff suggesting they change user names and passwords through a malicious link. Further passwords were then stolen and various Twitter accounts compromised.



IFTTT

Put the internet to work for you.

Turn off or edit this Recipe

0 comments:

Post a Comment