14 DAY TRIAL // The website of International Business Times has been modified by the hackers of Syrian Electronic Army (SEA), who replaced various sections in the front page and deleted an article.
The group claimed responsibility for the attack on Wednesday in a tweet that included an image of the defaced online location and a link to a site collecting instances of defaced websites.
Other publications have also been impacted in the recent past
SEA is formed of supporters of the Syrian President Bashar al-Assad and has been vocal about their political affinities, authoring cyber-attacks against different targets they believed distorted facts about the conflict in Syria.
In late November, the group carried out a set of attacks on several media outlets, blocking access to their websites and directing visitors to a page showing the SEA logo.
The Independent, OK Magazine, The Telegraph, London Evening Standard, America’s National Hockey League, The Chicago Tribune, Forbes, and NBC.com were all on the list of targets.
Their most recent actions directed towards IBTimes consisted of replacing the title of the column of news stories with “Hacked by SEA” and removing an article about a study on the reduced number of soldiers currently at the disposal of President Bashar al-Assad.
Hackers leave a clear message
In the message left on the website, SEA warns that only minor change was done this time, but in case of further inaccuracies published in the future, they would take a more drastic measure.
“Hacked by the Syrian Electronic Army. This time we only deleted the article that content false information about Syria and the Syrian army. Next time, we will delete all your website,” the title of the removed article read.
Except for posting proof that they breached the security of IBTimes website, SEA has remained silent on Twitter. They did publish an account of the event on their website.
It appears that they managed to get access to the administration console of the website, by logging in with valid credentials. It has not been reported how the hackers succeeded in their task, but most likely they resorted to a targeted phishing attack, more commonly known as spear-phishing.
In the picture of the backend, one can clearly see that SEA had already deleted the article and could have done a lot of damage, since they had unrestricted access to all the sections in the dashboard.
At the moment, the administrators of the website have fixed the issue and the hackers’ message is no longer available, but a cache of the page has been submitted to zone-h to prove their deed.
