The Syrian Electronic Army, a hacker collective that supports Syrian President Bashar al-Assad, targeted a number of British and North American news websites yesterday, including Forbes, the Chicago Tribune, the Guardian, the Telegraph, CNBC, and more.
A tweet apparently posted by the SEA indicated that the attacks were meant to coincide with the Thanksgiving holiday in the US.
The hack exploited a vulnerability in the DNS settings of Gigya, a service that many large websites use to handle comments and social logins.
In a blog post, Gigya said a breach at the company's domain registrar resulted in the WHOIS record of gigya.com being modified to point to a different DNS server, which in turn had been configured to point the company's CDN domain to a server controlled by the hackers. The company says that neither the platform nor any user, administrator or operational data was compromised.
"It is PR move to show they have the skills, but what they are doing is not dramatically sophisticated," said former FBI agent Ernest Hilbert, who is also the managing director of cybercrime at investigations firm Kroll.
This isn't the first time the SEA has targeted media organizations; back in May last year, the group hacked the website and Twitter accounts of Financial Times. Later that year, the group also took credit for compromising the Twitter account belonging to President Barack Obama.