Washington Post hacked by the Syrian Electronic Army, amid claims that TIME and CNN were also hit

Graham Cluley

Washington PostThe Washington Post is the latest in a long line of media organisations to have suffered at the hands of the notorious hacking group, the Syrian Electronic Army (SEA).

In the latest attack it appears that the hacking group have managed to redirect readers trying to read certain Washington Post stories to the SEA’s own website instead.

Syrian Electronic Army

The Syrian Electronic Army has been making something of a mockery of the computer security at a wide range of media organisations in recent months, with victims including the BBC, ITV, The Telegraph, The Financial Times, The Guardian and Thomson Reuters.

Just earlier this week, the New York Post found that its Twitter and Facebook pages had been hijacked by the group.

A notice on the Washington Post’s website confirms that they have been hacked:

Washington Post hacked

The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army. The group is a hacker collective that supports Syrian President Bashar al-Assad.

The Post is working to resolve the issue.

The Syrian Electronic Army has confirmed its involvement in the hack by posting a message from its Twitter account, and also claiming that it also struck CNN and Time Magazine at the same time.

According to the hackers they managed to compromise the media sites by breaking into systems at Outbrain, providers of a widget which displays “recommended content” that web visitors might be interested in reading.

Syrian Electronic Army implicates Outbrain

Outbrain has confirmed that its systems were attacked, and says it has disabled its recommendation services while it investigates the problem.

Tweet from Outbrain

Due to an attack, our recommendations are down. Our team is working to get our system secure & up shortly. Apologize for any inconvenience.

Chances are that the systems at Outbrain were compromised by the Syrian Electronic Army’s usual trick of phishing for passwords. All computer users need to savvy-up, and show much greater care about where they enter their passwords.

Further reading: How Outbrain got hacked by the Syrian Electronic Army.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES