The Independent is currently displaying a message that "You've been hacked by the Syrian Electronic Army (SEA)." So are several other high profile sites.
The Guardian reports:
A portion of visitors to all those sites are presented with a blank screen and a javascript popup telling them “you have been hacked by the Syrian Electronic Army”. The group apparently exploited a fault with a content delivery network (CDN).
Blame fell on the ad network due to the sporadic nature of the outages, which are difficult to replicate and spread over a number of sites.
Such symptoms are common for attacks delivered through an ad or content delivery network, which serves third-party code across a number of websites.
Related Stories
First seen in 2011, the Syrian Electronic Army (SEA) claims to support the regime of Syrian President Bashar al-Assad. They've been linked to hacking the Websites of the US Marine Corps, Microsoft, Skype, eBay and PayPal. Arrest warrants have been issued for the suspects:
On Tuesday, the US Department of Justice (DoJ) revealed in two unsealed criminal complaints the three Syrian nationals have been charged with multiple offences related to computer hacking.
In addition, two fugitives have been added to the FBI's "Most wanted" list, according to a DoJ press release. However, they are believed to be in Syria and out of reach of law enforcement.
[...] In the US District Court of the Eastern District of Virginia, 22-year-old Ahmad Umar Agha, also known as "The Pro," and Firas "The Shadow" Dardar, 27, were charged with engaging in a terrorism hoaxes, attempting to incite mutiny in US armed forces, unauthorised access to and damage to computer systems, access device fraud and the "illicit possession of authentication features."
Dadar and another suspect, 36-year-old Peter Romar, were also charged with unauthorized access to and damage of computer systems, extortion, money laundering, wire fraud, violations of the Syrian Sanctions Regulations and unlawful communication.
[...] In relation to the two additional Syrian nationals now wanted by US law enforcement, the FBI is offering a reward of $100,000 for information leading to their capture.
Previously: Independent.co.uk & Several Other Websites Hacked by Syrian Electronic Army
(Score: 1) by dlb on Friday November 28 2014, @05:44PM
Isn't defacing a web site analogous to some thirteen-year-old kid spray painting your garage door in the middle of the night? Annoying, and you might want to invest in some motion detectors and floodlights, but nothing to call the FBI about. Even if the kid sprayed SEA, or ISIS, or whatever letters he happened to have seen in some headline that day.
(Score: 2) by GreatAuntAnesthesia on Friday November 28 2014, @05:59PM
Exactly. I mean people in Syria have to deal with a full-blown 3-way civil war between a desperate dictator clinging to power, a bunch of rebels and a gang of whackjobs who like to behead people. Of course they also have all the problems that entails, such as societal collapse, refugees, shattered infrastructure, ever-present threat of violent death, hunger, lack of medical care etc etc etc... So what's the best thing to do in this situation? Grab a gun and fight for your side? Try to work towards a peaceful solution? Muck in and help your local community deal with the immediate problems in front of daily living? Hell no, let's get on the internet and scribble on the websites of some foreign newspapers, that's set things straight...
(Score: 2) by ticho on Friday November 28 2014, @07:11PM
Or maybe it's a, false flag operation. By whom? Why? No idea, I am just guessing.
(Score: 2) by jcd on Friday November 28 2014, @09:18PM
I think the real story here is the ability for CDNs to bring down their clients because they're not doing a good enough job checking what content they're delivering.
"What good's an honest soldier if he can be ordered to behave like a terrorist?"
(Score: 1) by anubi on Saturday November 29 2014, @01:21AM
We have had Sony release 22 million copies of a very stealthy and difficult to remove rootkit. These copies of extremely hostile code are sure to find their ways into the hands of people who may not have had inner connections with Microsoft to create such crafty code, but they can disassemble and learn.
Then we had FTDI release code which shows how to nuke interface chips. I am sure someone has copies of the 2.11 and 2.12 drivers around and are disassembling them to find out how FTDI did this and modify it to nuke other things.
We would probably jail someone cooking up and releasing hostile viruses to target others he has a bone to pick with, but so far on the cyber side, no corporate entity has seen jail time for cooking up hostile code. Nor has any "trustworthy computing" vendor stepped in to fix the situation.
I wonder how many point of sale machines out there are vulnerable for a deliberately planned nuking because some manufacturer designed in a back door no-one as of yet has either discovered or utilized.
How many customers have the guts to stand up to a sales rep and insist on a signature on a contract which assigns unlimited liability for software malfunctions in exchange for not decompiling or reversing the code to determine its trustworthiness? All this ignorance on the consumer side is leaving those "in the know" with a heyday of exploit opportunities.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by fnj on Saturday November 29 2014, @04:47AM
I have no problem with this, but how about also we jail and fine people creating INSECURE SYSTEMS.
(Score: 0) by Anonymous Coward on Saturday November 29 2014, @07:45AM
The sony rootkit was far from stealthy or complex. It was pretty amateur stuff, look at HxDef for more serious buisness.