Syrian Electronic Army hits Western media again
Web surfers, who recently attempted to visit mainstream media sites, found themselves unsettled when hacktivist organization, Syrian Electronic Army (SEA), installed pop-up messages on news sites with a message telling visitors that they had been hacked. The SEA’s message read, “You’ve been hacked by the Syrian Electronic Army.”
On SEA’s website, the organization has disclosed their origins and motives as follows:
“The SEA was created in 2011 when the Arab media and Western started their bias in favor of terrorist groups that have killed civilians, the Syrian Arab Army and have destroyed private and public property. The Arab media and western formed a cover for the continuation of these groups and their actions through the blackout on terrorism in Syria and sabotaged the Syrian Arab army and charged it with murder. A group of young Syrians, not belonging to any governmental entity, formed an electronic army and took on the initiative of protecting the homeland and supporting the reforms of President Bashar al-Assad, who we see as the right option for our aspirations as youth. It was the crisis and those options that sparked the launch of the SEA.”
Twitter was flooded with tweets from both computer and mobile users who had encountered the hacked sites, which included mainstream media companies such as New York Daily News, Forbes, CNBC, PC World, The Daily Telegraph, The Independent and OK Magazine in addition to Wal-Mart’s Canadian unit and the Canadian Broadcasting Corporation. However, not everyone visiting the sites saw the pop-ups.
Instead of directly hacking the sites, it appears that SEA managed to install the pop-ups by way of a customer identity management platform called Gigya, which is used by many companies. From the inside of Gigya’s GoDaddy domain, SEA tweeted a screen shot to indicate that they had seized control of the account. SEA’s screen shot tweet read, “Happy Thanksgiving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians.”
The Independent, one of the publications whose website was hacked, reported that SEA had changed Gigya’s Domain Name System (DNS) entries, directing it to images and messages hosted on other servers. The Independent says the problem has been resolved since the incident occurred.
While Gigya has since confimed that the hacking incident occurred, The Daily Telegraph tweeted, “A part of our website run by a third-party was compromised earlier today. We’ve removed the component. No Telegraph user data was affected.”
It is believed that SEA used similar DNS hijacking techniques in the past when hacking into sites belonging to media houses and other companies.
It looks as though SEA isn’t merely pulling pranks, but instead may be attempting to spread awareness about serious offenses carried out by rogue governments and corporations, while also shedding light on the global corporate/government nexus, as RT and The Daily Dot reported back in March of this year when SEA accessed several emails belonging to Microsoft, only to find evidence of Microsoft’s cozy relationship with the U.S. Federal Bureau of Investigation (FBI). Upon breaching Microsoft’s emails, SEA was able to obtain invoices that were shared between Microsoft’s Global Criminal Compliance Team and the FBI’s Digital Intercept Technology Unit. Details found in the invoices point to the amount of money Microsoft charges the FBI’s DITU for compliance costs anytime DITU produces warrants or court orders for the purpose of snooping through private data belonging to customers.