The websites of UK newspapers the Independent, the Telegraph, and the Evening Standard, as well as a handful of other high-profile sites, have been hacked by the Syrian Electronic Army. Other victims include OK magazine and the official National Hockey League website. Some visitors to these sites were presented with a pop-up, saying, “you have been hacked by the Syrian Electronic Army”. It is thought that they exploited a flaw in the sites’ ad delivery network.
A security consultant at Kroll Cyber, Ernest Hilbert, is familiar with the exploit used, saying, “it was Gigya.” Gigya is a tech company that offers customer identity management for websites. The Syrian Electronic Army exploited a vulnerability with the Gigya CDN that allowed it to change the DNS entry. Hilbert continues, “It is a DNS takeover, and this is what the Syrian Electronic Army does. Normally, you type in a URL, it goes to a domain name server, and it says ‘those words equal this website”.
The attack fits the pattern of past Syrian Electronic Army hacks; news and entertainment outlets compromised, but with no particular political agenda at play. Past targets include BBC News, Al Jazeera, The Washington Post, and The Onion.
Source: The Guardian
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…
Heavy Equipment Bundle: Includes a steering wheel for heavy machinery, gas and brake pedals, and…
Low-profile Keys for an ergonomic gaming experience. With slimmer keycaps and shorter switches, enjoy natural…
Size & style: Ambidextrous lightweight mouse for gaming. Built for speed, control and comfort, with…