MOSCOW, November 28 (Sputnik) — Several major American, British and Canadian news organizations’ websites suffered an irritating Domain Name Service (DNS) attack on Thursday. They were hit by the Syrian Electronic Army (SEA), a hacking collective sympathetic to Syrian President Bashar Assad.
Users of popular English-language news websites were hit with a “You’ve been hacked by the Syrian Army (SEA)” message, and then redirected to the group’s logo on a black screen.
SEA has since posted a Tweet on their Twitter account saying “Happy thanks giving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA”.
News sites which were targeted include CNBC, Forbes, the Chicago Tribune, the LA Times, the Boston Globe, the Daily Telegraph, the Independent, the Evening Standard, and CBC, as well as other sites including PC World, the National Hockey League, and Walmart Canada.
A Telegraph official Tweeted following the attack that “part of our website run by a third-party was compromised earlier today,” adding that “no Telegraph user data was affected.” CBC reacted in a similarly calm manner, noting that “there’s no risk to users. It’s not a virus, just a hack that pops up that window.”
The third party media management platform Gigya was suspected to have been the cause of the attack; the platform was hacked via GoDaddy to compromise DNS records of sites using the service, TechWorld explained. TechWorld also noted that hundreds of websites may have been affected by the attack, with over a hundred having already reporting the hack.
Gigya CEO Patrick Salyer noted in his company’s blog on Thursday that the problem has been resolved, and that no serious danger is said to exist. “To be absolutely clear: Neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised,” Salyer said.
It’s not yet clear exactly how the breach occurred, although the CBC has explained that SEA has been known for its clever phishing techniques, which include fake internal company emails that trick users into logging in to fake websites that look similar to popular sites and services such as Google Docs.
"It is a PR move to show they have the skills, but what they are doing is not dramatically sophisticated," Ernest Hilbert, managing director of cybercrime at investigations firm Kroll told CNBC.
In the past, the New York Times, the BBC, the Financial Times the Associated Press and Al Jazeera have been targeted by similar attacks via third party platform hacks, which would lead users to their SEA pages, or deface sites with their own materials and videos.
The organization was said to have been founded in 2011. Its website explained that the group founded “when the Arab and Western media started their bias in favor of terrorist groups that have killed civilians, the Syrian Arab Army and have destroyed private and public property.”
The group, which is suspected of being mostly comprised of Syrian university students, says that it has no official connections with the government of President Assad, but admits that they do forward information obtained in the course of their activities to the Syrian government. Their official goal, in their own words, is “to show the truth about Syria,” and their methods include “hacking into famous websites and using them to broadcasting some facts, thereby using their own momentum against them.”