In the latest attack it appears that the hacking group have managed to redirect readers trying to read certain Washington Post stories to the SEA’s own website instead.
The Syrian Electronic Army has been making something of a mockery of the computer security at a wide range of media organisations in recent months, with victims including the BBC, ITV, The Telegraph, The Financial Times, The Guardian and Thomson Reuters.
Just earlier this week, the New York Post found that its Twitter and Facebook pages had been hijacked by the group.
A notice on the Washington Post’s website confirms that they have been hacked:
The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad.
The Post is working to resolve the issue.
The Syrian Electronic Army has confirmed its involvement in the hack by posting a message from its Twitter account, and also claiming that it also struck CNN and Time Magazine at the same time.
According to the hackers they managed to compromise the media sites by breaking into systems at Outbrain, providers of a widget which displays “recommended content” that web visitors might be interested in reading.
Outbrain has confirmed that its systems were attacked, and says it has disabled its recommendation services while it investigates the problem.
Due to an attack, our recommendations are down. Our team is working to get our system secure & up shortly. Apologize for any inconvenience.
Chances are that the systems at Outbrain were compromised by the Syrian Electronic Army’s usual trick of phishing for passwords. All computer users need to savvy-up, and show much greater care about where they enter their passwords.
Further reading: How Outbrain got hacked by the Syrian Electronic Army.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.