SEA Hacks Reuters Using Advertising

The Syrian Electronic Army (SEA) the middle east’s answer to the NSA, recently defaced the website of news agency Reuters.  They accomplish this by hacking the advertising servers of third-party advertising provider Taboola.  The SEA evidently gained access to Taboola through the use of phishing emails which asked the recipients for their logon credentials.  This is a very simple to use attack and almost anyone could use, and re-emphasizes the need for employee security awareness training.  This could have been easily prevented if the Taboola employee concerned was less trusting and more suspicious of the email request.

Visitors to Reuters, who attempted to read the story “Attack from Syrian kills Israeli teen on Golan, Israel says” were instead routed to an SEA controlled web site and confronted with the message:

Hacked by Syrian Electronic Army
Stop publishing fake reports and false articles about Syria.
UK government is supporting the terrorists in Syria to destroy it, Stop spreading its propaganda.

This story once again shows the need for third part web services such a Taboola to do a better job vetting the advertising that they are placing on ad supported websites around the Internet.  To the average user, this illustrates that there are many ways to get into trouble on the Internet, even on perfectly respectable legitimate sites such as Reuters.  To protect yourself from these sorts of exploits, be wary any time your click through link takes you some place unexpected.  Immediately close your browser, disconnect from the Internet to prevent any drive-by downloads, and open your Internet Security product and scan your computer for possible downloaded malware.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.