The Syrian Electronic Army was back in action on Thanksgiving Day, performing a successful hack on a popular web service, Gigya, which manages the comments and social logins of prominent media and entertainment websites.
Visitors to sites belonging to CBC, CNBC, Forbes, OK! magazine, The Chicago Tribute, The Daily Telegraph, The Independent and The New York Times – all which utilize Gigya – were greeted with a message by the hacktivist collective that read, “You’ve been hacked by the Syrian Electronic Army (SEA).”
The group was able to perform the hack through a DNS redirect that pointed Gigya’s content delivery network to a server run by the SEA, according to a blog post addressing the matter penned by Patrick Salyer, CEO at Gigya.
“At approximately 6:45 AM EST we identified sporadic failures with access to our service,” Salyer said. “An initial inquiry has revealed that there was a breach at our domain registrar that resulted in the WHOIS record of gigya.com being modified to point to a different DNS server.”
The WHOIS record was corrected by Gigya roughly one hour after the malicious activity was detected.
The SEA confirmed the attack via their Twitter account, which was accompanied by a screenshot of the backend control panel for the Gigya.com domain at GoDaddy.com.
Several media entities impacted by the incident, like The Telegraph, confirmed the hack via their Twitter accounts.
Gigya ensured its users that neither its platform or any user data was compromised as a result of the hack.
The SEA has previously taken credit for a slew of high-profile hacks on websites and social media accounts of prominent media and government entities which include The New York Times, Forbes and the U.S. Central Command.