The Washington Post has become the latest news site to fall victim to the Syrian Electronic Army [SEA] with users of the service directed elsewhere when they clicked on certain stories.
A note from the editor explained that the newspaper’s website had been hacked by the SEA and that readers had been redirected due to vulnerabilities with a third-party service.
“The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad. The Post is working to resolve the issue,” read the editor’s note.
A Twitter account that reportedly belongs to the Syrian Electronic Army confirmed that it was able to hack the site, as well as those of CNN and Time, by targeting Outbrain.
The Washington Post confirmed this as it stated the hack had “succeeded because of a vulnerability in Outbrain, a third-party content recommendation service”. A Tweet on Outbrain’s account later added that “due to an attack, our recommendations are down”.
Of the other two companies that SEA claimed to have attacked, Time stated, “It does not appear that Time.com or our Twitter accounts have been hacked. However, we are looking into the matter.”
CNN added that a content-recommendation service utilising their site “was briefly compromised” but that CNN and their international site were not directly troubled.
It comes in the same week that the SEA managed to successful hack four New York Post Twitter accounts, its Facebook page and a number of Twitter accounts owned by journalists that work for the paper.
Other outlets that have been recent targets include Bloomberg, Thomson Reuters, The Onion, the Guardian and the Financial Times, with Twitter attempting to suspend the group’s Twitter account for a White House phishing attack.
Image Credit: Flickr (EstherVargasC)