The Syrian Electronic Army (SEA), the Syrian and pro-Assad hacking collective, has returned with a new offensive after something of a quiet period.
Its latest hack has compromised the websites of a number of Western media companies, as well as a number of other targets.
The SEA hack is known to have affected the websites of the Independent, the Daily Telegraph, OK magazine, the London Evening Standard, as well as the New York Daily News and a number of other western media companies. The SEA hack also compromised the Canadian unit of American retailer Wal-Mart, as well as the National Hockey League in the United States.
The SEA confirmed the hack when it posted on its Twitter feed a thanksgiving message to the United States. “Happy thanks giving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA”
So how was the group able to penerate so many targets? Well, it seems that once again, the group apparently exploited a fault with a content delivery network (CDN). In June this year the group defaced a piece of Reuters’ website by targeting the ad network supplying adverts for the news network.
The finger of blame has been pointed at Gigya’s CDN that businesses use to help identify who visits their websites. The SEA reportedly accessed the GoDaddy account of gigya.com. Gigya said a breach at its domain registrar, GoDaddy, resulted in traffic to its site being redirected, but that the problem had since been fixed.
“An initial inquiry has revealed that there was a breach at our domain registrar that resulted in the WHOIS record of gigya.com being modified to point to a different DNS server,” blogged Gigya CEO Patrick Salyer.
“That DNS server had been configured to point Gigya’s CDN domain (cdn.gigya.com) to a server controlled by the hackers, where they served a file called “socialize.js” with an alert claiming that the site had been hacked by the Syrian Electronic Army,” he wrote. “To be absolutely clear: neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised.”
The SEA has made a name for itself by attacking high profile targets in the past couple of years.
The group has sympathies for the Bashar al-Assad regime in Syria. Previous targets include the Guardian, CNN, the Washington Post, and Reuters.
How well do you know network security? Try our quiz and find out!
Huawei launches Mate XT, world's first tri-fold or double-hinged smartphone, as it challenges Apple for…
X makes changes to xAI's Grok AI chatbot after five US secretaries of state take…
China says new Dutch export controls on chipmaking equpment result of US 'coercion' design to…
Apple launches iPhone 16 range with generative AI features, plus camera-based 'visual intelligence', new AirPods,…
US trial of Google over ad tech market power begins, with forced divestiture of ad…
US judge gives Justice Department until end of year to formulate plan for Google punishment…