Hackers serve propaganda to newspaper's visitors

May 15, 2015 12:15 GMT

People accessing Washington Post’s website from a mobile device on Thursday were greeted with pop-up messages from the Syrian Electronic Army (SEA) hacker outfit.

One of the texts used said bluntly that the visitor had been hacked, while others were propagandistic in nature, relating to the military actions in Syria and Yemen.

Visitors redirected to a different web page

The compromised system was not the newspaper’s web server but Instart Logic, the content delivery network (CDN) service that distributes its web pages, as SEA itself clearly revealed in its Twitter feed.

As a result of the incident, users who tried to access Washington Post’s mobile website were automatically redirected to a different location controlled by the hackers, while the string in the browser’s address bar continued to show that they had loaded the correct page.

According to the newspaper, the website was under the control of the hackers for about 30 minutes; no customer information was affected and no other damage was caused.

Shailesh Prakash, Washington Post’s chief information officer, said that the attack impacted “some section fronts on the mobile site,” but it did not affect any of the published articles.

Hackers could have done greater damage

Kenn White, a computer scientist in North Carolina, captured the JavaScript code used by the hackers to show the notifications, which included the following:

“You’ve been hacked by the Syrian Electronic Army!” “US govt is training the terrorists to kill more Syrians.” “Saudi Arabia and its allies are killing hundreds of Yemens people everyday!” “The media is always lying.”

The breach had no consequences other than showing the hacktivists' messages, but SEA could easily have exploited the weakness to direct visitors to a location serving malware.

In this case, the hackers were ostentatious in their actions, but others may choose to fly under the radar and carry out financially motivated activities.  

Images: code SEA used to show their messages; message displayed on Washington Post's mobile page; SEA accessed account for Instart Logic service.