Washington Post hacked by the Syrian Electronic Army, amid claims that TIME and CNN were also hit

Washington PostThe Washington Post is the latest in a long line of media organisations to have suffered at the hands of the notorious hacking group, the Syrian Electronic Army (SEA).

In the latest attack it appears that the hacking group have managed to redirect readers trying to read certain Washington Post stories to the SEA’s own website instead.

Syrian Electronic Army

The Syrian Electronic Army has been making something of a mockery of the computer security at a wide range of media organisations in recent months, with victims including the BBC, ITV, The Telegraph, The Financial Times, The Guardian and Thomson Reuters.

Sign up to our free newsletter.
Security news, advice, and tips.

Just earlier this week, the New York Post found that its Twitter and Facebook pages had been hijacked by the group.

A notice on the Washington Post’s website confirms that they have been hacked:

Washington Post hacked

The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad.

The Post is working to resolve the issue.

The Syrian Electronic Army has confirmed its involvement in the hack by posting a message from its Twitter account, and also claiming that it also struck CNN and Time Magazine at the same time.

According to the hackers they managed to compromise the media sites by breaking into systems at Outbrain, providers of a widget which displays “recommended content” that web visitors might be interested in reading.

Syrian Electronic Army implicates Outbrain

Outbrain has confirmed that its systems were attacked, and says it has disabled its recommendation services while it investigates the problem.

Tweet from Outbrain

Due to an attack, our recommendations are down. Our team is working to get our system secure & up shortly. Apologize for any inconvenience.

Chances are that the systems at Outbrain were compromised by the Syrian Electronic Army’s usual trick of phishing for passwords. All computer users need to savvy-up, and show much greater care about where they enter their passwords.

Further reading: How Outbrain got hacked by the Syrian Electronic Army.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.