Print 21 comment(s) - last by Moishe.. on Aug 30 at 2:51 PM

Both domains have been restored and protected

A Syrian hacker group temporarily took over the websites of media companies like The New York Times and Twitter as a response to the U.S.' recent consideration of military action against the Syrian government.

The attacks were launched by The Syrian Electronic Army (SEA), which openly took credit for the hacks. The group reportedly wasn't looking to obtain information or infect end users, since the hacks only redirected traffic to a server controlled by the Syrian group., and The Huffington Post's British web address were the targets. 

The SEA was able to access these sites through Australian Internet service provider MelbourneIT, which manages domain names (including and NYTimes).

MelbourneIT tracked the breach to an Indian Internet service provider. Two staff members from one of their resellers reportedly opened a fake email looking to obtain login details. 

According to Reuters, the hackers grabbed a hold of one staff member's email, which contained the login and password information of The New York Times. 

While other media companies were attacked as well, the efforts were unsuccessful thanks to the use of registry locks. 

MelbourneIT said it restored the correct domain name settings, changed the password on the account and locked the records.

This isn't the first time the Syrian groups attacked media sites. Hackers promoting the SEA targeted websites like CNN, Time and The Washington Post back in August by breaching a third party service that these sites use. 

In August 2012, Reuters' blog was hacked and fake statements about Syria were posted. The report said the hackers were looking to spread negative misinformation about the freedom fighters actively rebelling against the country's despotic regime.

Reports believe the most recent hacks by the SEA have something to do with the Obama administration's possible decision to take military action against the government of Syria. 

Source: Reuters

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By Milliamp on 8/28/2013 6:21:14 PM , Rating: 2
It is amazing that a single users credentials are all that is required to take over the domain for NYT and twitter.

I can't believe changes to those domains can be made so easily. Edits to those domains should reside with only a very small group of people within the company and require some serious multi stage confirmation process (at a minimum calling the company involved to make sure they mean it).

RE: Amazing
By SAN-Man on 8/29/2013 9:06:34 AM , Rating: 2
Why is it amazing?

It's a web site, not a nuclear reactor. There is no real world tangible damage here.

Sure, in an ideal world there would be separate service account for each domain and they would be changed weekly, but in truth it doesn't always work that way.

Let's be clear what happened here - Twitter, NYT, etc weren't "hacked" or "taken control of" - the company they pay to manger (hold) their Internet domains was breached and DNS records were changed. So instead of point to IP (the correct web server) the record was changed to point to (the bad guy web server).

That's it!! Really, no hacking was involved here - just sloppy security.

"Well, we didn't have anyone in line that got shot waiting for our system." -- Nintendo of America Vice President Perrin Kaplan

Most Popular Articles5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Laptop or Tablet - Which Do You Prefer?
September 20, 2016, 6:32 AM
Update: Samsung Exchange Program Now in Progress
September 20, 2016, 5:30 AM
Smartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki