Pro-Assad hacktivist group the Syrian Electronic Army yesterday managed to deface several popular news and other websites including Time Out, The Independent and The Telegraph and redirect visitors.
Some visitors to the affected sites, which also include Forbes, CNBC and NBC, were greeted with a pop-up message declaring: “You’ve been hacked by the Syrian Electronic Army (SEA).”
Others were taken to a page displaying a logo of the SEA, according to a report in The Independent.
It claimed that the hacktivist group had attacked the DNS entry for comment platform Gigya at registrar GoDaddy. Gigya is the common link, apparently used by all the compromised sites.
By changing the DNS instructions, they were able to redirect users and display the “you’ve been hacked” message.
Gigya CEO, Patrick Salyer, was quick to point out that no data was compromised in the attack.
"Neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," he told the newspaper. "Rather, the attack only served other JavaScript files instead of those served by Gigya."
The firm has apparently worked with GoDaddy to resolve the issue for users.
Mandiant principal threat intel analyst, Jen Weedon, claimed the incident is in-keeping with the SEA’s previous activity.
“The group’s primary MO is to make a statement about their political affiliation (pro-Syrian regime), or brag that they’ve gained access to or ‘hacked’ victims,” she explained. “The SEA regularly targets Western news organizations.”
Still, the attack was pretty tame compared to some SEA activity this year.
In February it was claimed that the group hacked Forbes and exposed one million user-email-password credentials.
Then, in March, the SEA claimed to have hacked Microsoft in a bid to embarrass the company by making public emails revealing that it charges the FBI hundreds of thousands every month to legally view customer information.
"Obviously prevention is better than cure and putting in place defences against attacks should always be a priority," 7 Elements CEO David Stubley told Infosecurity.
"However, ongoing attacks show that we need to take a more holistic approach to managing information security, one that accepts that the risks cannot be fully mitigated and adopts a more resilient approach."