U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Cyber warfare

The Syrian Electronic Army is causing a mass media outage through Gigya hacking

High profile global websites using the customer management platform Gigya suffered a traffic redirection attack operated by the Syrian Electronic Army. A significant number of popular websites belonging to media organizations appeared to has been hacked by the hacking collective of Syrian Electronic Army on Thursday. The apparently hacked website, including The Independent, Telegraph e […]

The Syrian Electronic Army is causing a mass media outage through Gigya hacking

High profile global websites using the customer management platform Gigya suffered a traffic redirection attack operated by the Syrian Electronic Army.

A significant number of popular websites belonging to media organizations appeared to has been hacked by the hacking collective of Syrian Electronic Army on Thursday.

Syrian Electronic Army gigya hacked by SEA

The apparently hacked website, including The Independent, Telegraph e The Chicago Tribune, CNBC and other popular media agency like the Italian La Repubblica, display the following message

 “You’ve been hacked by the Syrian Electronic Army (SEA)”. 

syrian electronic army notification

According to the screenshots posted via Twitter by SEA also Dell, Microsoft, Ferrari and Unicef were hit by the hackers. Experts have immediately thought to an hack of customer management platform Gigya, which is used by hundreds of leading brands.

In an email from Gigya, visioned by journalists at CNBC, the company confirmed that it is under attack, apparently calls to Gigya domains were redirected to websites controlled by attackers and used to spread the messages. Fortunately the SEA haven’t used the traffic redirection to serve malware on final users, instead it has only spread propaganda messages.

gigya hacked by Syrian Electronic Army 3

The hackers of SEA team have chosen this date because it is Thanksgiving in the U.S. and probably the majority of Americans are browsing news websites in their spare time.

The Syrian Electronic Army supports the Syrian President Bashar al-Assad, in the last years the group hacked several important companies and media agencies, including the BBC, the Associated PressThe Financial TimesThe New Your Time and the Guardian, Microsoft and Twitter.

The group is politically motivated and many security experts consider its campaigns as part of PSYOPs campaign directed by the Syrian Regime.  The Syrian Electronic Army first emerged in May 2011, during the first Syrian uprisings, when it conducted various attacks against social media for pro-Assad propaganda.

Stay tuned for more information …

Pierluigi Paganini

(Security Affairs –  SEA, Gigya)