Syrian Electronic Army attack OK magazine

28 November 2014

hackers A number of websites have fallen prone to being attacked by the SEA.

The Syrian Electronic Army (who sound like more like an underground rave set-up than terrorists) claimed to have hacked a number of websites.

The SEA exploited a fault with a content delivery network and soon visitors to the Independent, OK magazine and the Evening Standard websites were given a blank screen and a javascript popup telling them they had been hacked.

The Syrian Electronic Army are a pro-Assad Syrian hacker group. Of course they'd head straight for OK magazine.

The ad network were first in line for blame, due to the sporadic nature of the outages, which are difficult to replicate and spread over a number of sites.

The Independent reckon the hack came via the Gigya CDN, but stress no information on users was compromised.

Ernest Hilbert, a security consultant at Kroll Cyber, agreed that “it was Gigya. It is a DNS takeover, and this is what the Syrian Electronic Army does. Normally, you type in a URL, it goes to a domain name server, and it says ‘those words equal this website’.

“But not every user can get in through one connection, particularly at bigger sites. A CDN means that, because you can’t all fit in through the same door, it sends you to another one, another version of the content. And one of those versions, which hosts copies of all these affected sites, appears to have been compromised by the Syrian electronic army.”

This isn't the first time the SEA have done this. They have form going back to 2011. They did The Sun and the Sunday Times in June, and The Guardian in 2013, when it sent spoof emails to staff encouraging them to reset passwords through a malicious link. Fancy that!

What do you think?

Connect with Facebook, Twitter, or just enter your email to sign in and comment.

Your comment