Hackers post story of tactical nuclear strike against Syria on Channel 4 blog

Jon Snow, Channel 4 newsHackers from the Syrian Electronic Army have once again claimed a high profile scalp, compromising the blogs at British broadcaster Channel 4.

The hackers, who back the regime of President Bashar al-Assad, took over the blog of the station’s veteran news presenter Jon Snow and posted a story about a tactical nuclear strike against Syria.

Here’s a partial screenshot of what they posted, courtesy of Google’s cache of the webpage:

Hackers posted a story about a tactical nuclear strike

Sign up to our free newsletter.
Security news, advice, and tips.

Claiming credit for the hack, the Syrian Electronic Army posted a screenshot of what appeared to be the WordPress admin panel for the Channel 4 blogs, something which should normally never be accessible to an unauthorised party.

Channel 4 blogs admin panel

The suspicion has to be that Channel 4 was running an old version of WordPress, vulnerable to a security exploit that allowed the hackers to gain access, or that an administrator had his password phished. In the last few days, WordPress has released the latest version of its blogging platform – version 3.6.

At the time of writing, all of Channel 4’s blogs are inaccessible and have been replaced with a message saying “Something’s broken (or we’re making things better)” alongside a picture of character’s from the station’s comedy “The IT Crowd”:

Channel 4 blogs down

Of course, the Syrian Electronic Army is no stranger to hacking media organisations, having successfully compromised the likes of the BBC, ITV, The Telegraph, The Financial Times, The Guardian, and Thomson Reuters.

Although clearly embarrassing for Channel 4, the good news is that this appears to have been merely defacement. Imagine how things would have been much worse if the hackers had used the opportunity of breaking into a popular blog to spread malware to unsuspecting readers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

5 comments on “Hackers post story of tactical nuclear strike against Syria on Channel 4 blog”

  1. When will people learn that wordpress should only be used to tell the world how many dogs or cats you have. Every day i encounter serious buinsesses using this swiss cheese of a platform, last week it was a large provider of secure ecommerce payment systems who now realise that 2 years down the line they have "perhaps made a mistake in using WP for their corporate website".

    Give me strength….

  2. ethicalhack3r

    From the screenshot of the admin panel, it looks as though the blog was up to date at the time the screenshot was taken. I think it is unlikely that the attackers would update WordPress after the compromise. I think it is more likely that the blog was compromised via a vulnerable plugin or theme.

    1. Graham CluleyGraham Cluley · in reply to ethicalhack3r

      Good detective work. Yes, that sounds plausible.

      Of course, maybe the Channel 4 blog administrators were simply duped into handing over their password – or were unwisely using the same password in multiple places, or had chosen a password that was easy to guess.

  3. ethicalhack3r

    Looking at the Google cached site it looks as though it was running version 3.1.2 at the time of caching (26 Jul 2013 10:57:29 GMT).

    Version 3.1.2 suffers from Clickjacking, XSS and XML-RPC issues (SSRF) so this may have been the attack vector. Although a vulnerable plugin or theme maybe just as likely.

  4. Bubbacheese

    The account was hacked, I still question the content of the video. Any proof that is not real?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.