Syrian Electronic Army hacks several websites, Forbes, Ferrari, Independent, Daily Telegraph and many other websites hijacked

Syrian Electronic Army hacks several websites, Forbes, Ferrari, Independent, Daily Telegraph and many other websites hijacked

Syrian Electronic Army (SEA) which was lying low for quite a while now has announced its resurgence with media sites hacking spree.  The Syrian pro-Assad hacktivist group today hacked and downed many media website mostly from United Kingdom. The hack came at wee hours of Thursday but was well coordinated attack one.

A part of our website run by a third-party was compromised earlier today. We've removed the component. No Telegraph user data was affected.

— The Telegraph (@Telegraph) November 27, 2014

Among those hit were the websites of United Kingdom’s largest dailies like Daily Telegraph, Independent and Evening Standard. The SEA has also hacked websites of Forbes, Ferrari, Al Jazeera, PC World,  Chicago Tribune  and many more.  Techworm is in contact with SEA to get latest news on the hacks as well the reason behind the hacks.

Gigiya

It seems like the SEA struck popular social login service Gigya.  Gigiya is a popular customer identity management platform provider for many of the websites hacked by SEA.  Gigiya’s platform allows  businesses can use to identify their customers using both traditional and social registration, consolidate and manage cross-channel customer data, and customize user experiences through integrations with over 50 marketing and service applications.  Most of the websites hacked by SEA used the integrated Gigiya’s solutions for customer managements.  Therefore it is plausible that the preliminary hack of Gigiya may have caused the resultant mass hacking.

The SEA have somehow hacked and access the Gigiya CDN and injected with a Javascript code which causes all the sites to show the popup.  Thus visitors of hundreds of websites including the those major ones mentioned above are welcomed with a popup message says: “You’ve been hacked by Syrian Electronic Army (SEA).”

Gigiya is a privately held multinational technology company headquartered in Mountain View, California with additional offices in Phoenix, Tel Aviv, London, Paris, Singapore and Melbourne. It had received $35 million funding led by Intel Capital couple weeks ago.

Independent which was hacked in wee hours of Thursday, recovered from the hack and said that,” The hack hit websites using the popular Gigya comment platform. Hackers re-directed some users to their site or to display their messages, by exploiting the DNS entry — which translates URLs such as independent.co.uk into directions to the site — at GoDaddy, the site’s domain registrar.” The Independent also added that “The Gigya platform itself was not hacked, and no user data is or was in jeopardy.” However seeing that the SEA had hijacked Gigya to insert the Java Script code in its CDN, it is possible that they may have accessed the data base as well.

SEA also announced the hacks on its Twitter feed: “Happy thanks giving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA”

Happy thanks giving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA pic.twitter.com/ZXzMWbXoYp

— SyrianElectronicArmy (@Official_SEA16) November 27, 2014

“A part of our website run by a third-party was compromised earlier today,” the Telegraph said on its official Twitter feed. “We’ve removed the component. No Telegraph user data was affected.” Many users attempting to access certain parts of the papers’ websites found a message that read “You’ve been hacked by the Syrian Electronic Army (SEA)” and were then redirected to the group’s logo, an image of an eagle bearing the Syrian flag and a message in Arabic.

As this is developing story, Techworm will try to bring the names of all the websites hacked by SEA.  As of now following websites are confirmed hacks.

1. Independent.

2. The Telegraph

3. OK Magazine

4. PC World

5. Chicago Tribune

6. Forbes

7. Ferrari

8. NBC

9. CNBC and CNBCNews

10. Appledaily.hk

11. NHL

12. Daily Express

13. French football club Toulouse FC

15. Canadian Broadcaster CBC

16. NY Daily News

17. Beatport

18. LA Times

19. Computer World.

20. Christies Inc

21. NatGEO

22. Dell

23. Intel Germany

24. Yellow Pages, Chicago

The Syrian Electronic Army (SEA) spokesperson told Techworm that this was all for now but they will keep their options open. This could mean that they have enough ammo to launch another hack attack of this scale.  They signed off with a postscrtipt which read as follows “PS: We would never attack users or damage systems. It was just a message.”

Andrew Peng, a journalist has released a partial list of the websites hacked by SEA on Twitter

https://twitter.com/TheAPJournalist/status/537984586677243905/