SEA Graphic |
Websites belonging to the Washington Post, CNN, and Time
magazine have been attacked by supporters of Syrian President Bashar al-Assad.
According to BBC News,
some links on the sites redirected readers to the website of the Syrian
Electronic Army (SEA).
The breach was the result of a security failure at a firm
which provides a link recommendation service that all three sites used.
Outbrain said its staff had fallen victim to a spoof email.
Dear customers & audience: Our service is now live. We thank you for your patience & understanding. Full recap here: http://t.co/RyZLclJO7X
— Outbrain (@Outbrain) August 15, 2013
The SEA has hit several media companies in recent months,
most frequently by hijacking their social media accounts.
But in this attack the group managed to go one step further
by manipulating the links that appeared on the media groups' own webpages.
Shortly after the attack became apparent the New York-based
firm powering those links blogged: "We are aware that Outbrain was hacked
earlier today and we took down service as soon as it was apparent."
Outbrain resumed its service about seven hours later.
CNN told the BBC: "The security of a vendor plug-in that appeared on CNNi.com was briefly compromised today.
CNN told the BBC: "The security of a vendor plug-in that appeared on CNNi.com was briefly compromised today.
"The issue was quickly identified and plug-in disabled.
Neither CNN.com nor CNNi.com were penetrated directly."
The Washington Post's managing editor Emilio Garcia-Ruiz
later said that this was not thought to be the SEA's only attack on his
newspaper this week.
"A few days ago, the Syrian Electronic Army, allegedly,
subjected Post newsroom employees to a sophisticated phishing attack to gain
password information," he wrote.
"The attack resulted in one staff writer's personal
Twitter.
No comments:
Post a Comment