UPDATED 03:32 EST / AUGUST 28 2013

NEWS

Twitter + New York Times Hacked by Syrian Electronic Army

As the US cranks up its war machine ahead of a possible air strike against Syria, that country’s cyberterrorist defenders, the Syrian Electronic Army, hit back with a number of notable scalps yesterday. In a series of high profile hacks, the Pro-Bashar Assad group took control of the New York Times, numerous Twitter domains, and the UK version of the Huffington Post.

The hacks took place at around 3PM PST yesterday, when the SEA simultaneously hacked into the registry accounts of the New York times, Twitter and the Huffington Post. The hackers immediately proceeded to alter the site’s registry accounts, changing contact details and DNS records. By performing the latter task, the SEA were then able to redirect visitors to other sites.

The attack, which was first reported by Matthew Keys, is the latest in a series of high profile cyber attacks made by the SEA, mostly targeted at sites that have been critical of President Bashar Al-assad’s regime.

We saw the first signs of the attack when the SEA tweeted the following message, along with a screenshot of Twitter’s whois records, providing a link to verify its authenticity.

 

Minutes after this, the SEA posted a second tweet alongside a screenshot of Twitter accounts it claimed to have hacked:

 

The group proceeded to change contact details for the Twitter.com domain, which means that it likely also gained the ability to redirect visitors to the domain elsewhere.

Aside from this, the SEA managed to hack into the twimg.com domain, which is used by twitter to handle almost all of its JS and CSS files, images, cookies and other bits. What this meant was that thousands of users discovered that Twitter.com wouldn’t load properly, with avatars being disabled for millions of users.

The situation was even more serious for the NYT, with reports of the homepage redirecting visitors to other sites and new subdomains being created. Since the attacks begun, the NYT has said that the issues were related to an attack on its domain registrar Melbourne IT.

“The New York Times Web site was unavailable to readers on Tuesday afternoon following an attack on the company’s domain name registrar, Melbourne IT. The attack also required employees of The Times to stop sending out sensitive e-mails.”

Meanwhile in the UK, the HuffingtonPost reported being hacked just 3pm PST. The site said that both its DNS records and its whois domain were infiltrated, however it managed to beat off the hackers by 4pm PST. The NYT and twimg.com have been less successful in repairing the damage however, as some of their DNS records still appear to point to the SEA.

Twitter posted the following update regarding twimg.com:

“At 20:49 UTC, our DNS provider experienced an issue in which it appears DNS records for various organizations were modified, including one of Twitter’s domains used for image serving, twimg.com. Viewing of images and photos was sporadically impacted. By 22:29 UTC, the original domain record for twimg.com was restored. No Twitter user information was affected by this incident.”

Yesterday’s hacks are one of the biggest scalps yet for the Syrian Electronic Army, which has previously taken control of numerous high profile Twitter accounts in the past, and more recently sabotaged websites belonging to the BBC, The Guardian, the Associated Press, and even the hacktivist group Anonymous. The group claims allegiance to Syria’s Bashar Al-Assad, although some of its antics are quite random and often don’t seem to concur with its stated goals, as Eva Galperin of the Electronic Frontier Foundation recently noted in an interview with The Verge:

“While it may seem a little bit like they’re doing it for the lulz because it is kind of random, it is ideologically motivated in the sense that these are all supporters of the Assad regime. And they’re looking to get a message out about what they feel is bias in the media against Assad.”

So why were the NYT, Huffington Post and Twitter attacked yesterday? The SEA didn’t give any reasons beyond voicing support for the Syrian government, but it’s likely to be a response to the intense speculation that US forces are preparing to mount an air strike against the country. Both the NYT and the Huffington Post have been critical of the Syrian regime in the past, while Twitter was most likely attacked simply because of its high-profile and the fact the hackers had the knowledge to do so.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU