Syrian Electronic Army Hits eBay And PayPal

Hacking crew appears to carry out hit on DNS infrastructure serving eBay-owned sites

Certain visitors to the PayPal and eBay websites this weekend were greeted by anti-US government messages, after an apparent Syrian Electronic Army attack on the DNS infrastructure serving some customers in the UK.

Visitors were reportedly redirected to a separate site, on which the Syrian Electronic Army said, in somewhat profane language, the Obama regime could have coitus with itself. “Long live Syria,” the notorious hacking group added.

Syrian uprising vector © Memi - FotoliaDespite the breach, it does not appear any data was compromised.

Syrian Electronic Army gets busy

The Syrian Electronic Army managed to redirect users to a site of their choosing, often done via a compromise of DNS servers, which should send people typing in a URL to the correct IP address.

“For under 60 minutes, a very small subset of people visiting a few marketing web pages of PayPal France, UK and India websites were being redirected,” Anuj Nayar, PayPal’s senior director of global initiatives, told security blogger Graham Cluley.

“There was no access to any consumer data whatsoever and no accounts were ever in any danger of being compromised. The situation was swiftly resolved and PayPal’s service was not affected. We take the security and privacy of our customers very seriously and are conducting a forensic investigation into this situation.”

Such redirect attacks can have far more serious implications than just pointing to a site with a political message. If the attackers had chosen to point PayPal and eBay users to a well-constructed spoof site delivering malware silently, they could have infected tens of thousands in a short amount of time.

The Syrian Electronic Army has had a busy start to 2014, successfully attacking Microsoft’s blogs and social media profiles, and doing the same to news network CNN.

Are you a security pro? Try our quiz!