Hacked Message Appears On Major News Webites Courtesy Of The Syrian Electronic Army
On Thursday, some people visiting a selection of major news websites were surprised by a rogue popup saying that they have been hacked by the Syrian Electronic Army. The attacks seemed to have been focused on North American and British media organizations by the hacker group that is linked to the Assad regime.
According to reports from various users on Twitter, some of the affected sites include CNBC, Forbes, PCWorld, The Daily Telegraph, The Independent, and the Chicago Tribune. Visitors are being greeted by a random popup that reads, “You’ve been hacked by the Syrian Electronic Army (SEA)” which is then followed by a picture.
Despite what the popup messages says, though, it appears that SEA hasn’t actually hacked the affected websites directly. Instead, the attack occurred through Gigya, a customer identity management platform that many businesses, such as Forbes and Verizon, utilize. The SEA posted a screenshot on its Twitter account, showing that it had access to the Gigya control panel through the Gigya.com domain at GoDaddy.
“Some calls to Gigya domains were redirected to the hackers site or showed a hacking message to end users, “said Gigya in a statement. “It might take some time until the changes propagate to all users. We have worked with GoDaddy to resolve the issues and the redirection was removed.”
It is not clear how many websites have been affected by the attack though The Telegraph did announce that it was a victim of the attack on its Twitter account stating, “A part of our website run by a third-party was compromised earlier today. We’ve removed the component. No Telegraph user data was affected.” But given that Gigya counts over 700 businesses, which include the NFL, FOX, CNN, NBC, CBC, and CBS that uses its service, we will have to wait and see if SEA’s attacks will affect more businesses as the day progresses.
According to reports from various users on Twitter, some of the affected sites include CNBC, Forbes, PCWorld, The Daily Telegraph, The Independent, and the Chicago Tribune. Visitors are being greeted by a random popup that reads, “You’ve been hacked by the Syrian Electronic Army (SEA)” which is then followed by a picture.
The popup message along with the picture that follows it
Despite what the popup messages says, though, it appears that SEA hasn’t actually hacked the affected websites directly. Instead, the attack occurred through Gigya, a customer identity management platform that many businesses, such as Forbes and Verizon, utilize. The SEA posted a screenshot on its Twitter account, showing that it had access to the Gigya control panel through the Gigya.com domain at GoDaddy.
Happy thanks giving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA pic.twitter.com/ZXzMWbXoYp
— SyrianElectronicArmy (@Official_SEA16) November 27, 2014
“Some calls to Gigya domains were redirected to the hackers site or showed a hacking message to end users, “said Gigya in a statement. “It might take some time until the changes propagate to all users. We have worked with GoDaddy to resolve the issues and the redirection was removed.”
It is not clear how many websites have been affected by the attack though The Telegraph did announce that it was a victim of the attack on its Twitter account stating, “A part of our website run by a third-party was compromised earlier today. We’ve removed the component. No Telegraph user data was affected.” But given that Gigya counts over 700 businesses, which include the NFL, FOX, CNN, NBC, CBC, and CBS that uses its service, we will have to wait and see if SEA’s attacks will affect more businesses as the day progresses.
