The Syrian Electronic Army (SEA) the middle east’s answer to the NSA, recently defaced the website of news agency Reuters. They accomplish this by hacking the advertising servers of third-party advertising provider Taboola. The SEA evidently gained access to Taboola through the use of phishing emails which asked the recipients for their logon credentials. This is a very simple to use attack and almost anyone could use, and re-emphasizes the need for employee security awareness training. This could have been easily prevented if the Taboola employee concerned was less trusting and more suspicious of the email request.
Visitors to Reuters, who attempted to read the story “Attack from Syrian kills Israeli teen on Golan, Israel says” were instead routed to an SEA controlled web site and confronted with the message:
Hacked by Syrian Electronic Army
Stop publishing fake reports and false articles about Syria.
UK government is supporting the terrorists in Syria to destroy it, Stop spreading its propaganda.
This story once again shows the need for third part web services such a Taboola to do a better job vetting the advertising that they are placing on ad supported websites around the Internet. To the average user, this illustrates that there are many ways to get into trouble on the Internet, even on perfectly respectable legitimate sites such as Reuters. To protect yourself from these sorts of exploits, be wary any time your click through link takes you some place unexpected. Immediately close your browser, disconnect from the Internet to prevent any drive-by downloads, and open your Internet Security product and scan your computer for possible downloaded malware.Share