Just few days ago, Syrian Electronic Army hacked the Sun and Sunday times website to notify the news organization to not to publish false news about Syria, the same message sent to the Reuters through hacking into their website.
According to the users who visited the website during the hack, upon clicking any articles the site was redirecting to a message from SEA, see image above.
The Hack Message read:
“Stop publishing fake reports and false articles about Syria!”
“UK government is supporting the terrorists in Syria to destroy it. Stop spreading its propaganda.”
In-Real Reuters was not hacked, one of its web advertising partner Taboola was hacked, which now puts at risk other major news outlets, analysts say.
As you can in the image below, how Taboola web ads look like, which usually placed below every single article on the website, and upon clicking on any of the ads, the website was redirecting to the Syrian Message from the hackers:
One commentator believes any client of Taboola – including the world’s biggest news sites such as Yahoo!, the BBC and Fox News – could be at risk “anytime now”.
On the same day, Taboola confirms about the issue and wrote in a statement online:
Today, between 7AM – 8AM EDT, an organization called the “Syrian Electronic Army” hacked Taboola’s widget on Reuters.com.
The intruder was redirecting users that accessed article pages on reuters.com to a different landing page.
The breach was detected at approximately 7:25am, and fully-removed at 8am. There is no further suspicious activity across our network since, and the total duration of the event was 60 minutes.
While we use 2-step authentication, our initial investigation shows the attack was enabled through a phishing mechanism. We immediately changed all access passwords, and will continue to investigate this over the next 24 hours.
Please follow our blog and social channels for future updates, and for any question please email us at Tammy.g [at] Taboola [dot] com.
Founder & CEO Taboola
One more screenshot tweeted by the SEA, which claims to hack the Taboola Paypal account, but in the public statement given the company, there was not any discussion made upon the Paypal.
Taboola, such a big firm is the victim of Phishing attack, and we noticed in most of the SEA Hacks, they use Phishing attacks to gather passwords of the high profile websites accounts and then use them to post
Last Time Reuters was hacked by the SEA last year in July, when the group hacked its one of the official twitter account.