Threat Level: green Handler on Duty: Russ McRee

SANS ISC Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Syrian Electronic Army attack leads to malvertising

Published: 2014-11-27
Last Updated: 2014-11-27 20:33:03 UTC
by Russ McRee (Version: 1)
0 comment(s)

A number of online services were impacted by what has been referred to by multiple sources as a redirection attack by Syrian Electronic Army (SEA) emanating from the Gigya CDN. The issue was described as follows: "Gigya explained that earlier today at 06:45 EST, it noticed “sporadic failures with access to our service”. The organization than found a breach at its domain registrar, with the hackers modifying DNS entries and pointing them away from Gigya’s CDN domain, instead redirecting to their own server, which distributed a “socialize.js” file, namely the pop-up seen by everyone." Affected sites included Verizon, The Telegraph, The Independent, Forbes, Time Out, PC World, The Evening Standard, CNBC, and others.

The resulting pop-up simply stated "You've been hacked by the Syrian Electronic Army." Sadly, attacks of this nature are commonplace, and SEA has chosen the holidays in previous years to step up its activities so be prepared with your response plan and recovery procedures.

0 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

Syrian Electronic Army attack leads to malvertising
published 7 hours ago by Russ McRee (0 comments)

Less is, umm, less?
published 2 days ago by Adrien de Beaupre (2 comments)

Security update for Adobe Flash player
published 2 days ago by Adrien de Beaupre (1 comment)

Guest diary: Detecting Suspicious Devices On-The-Fly
published 2 days ago by Adrien de Beaupre (7 comments)

Someone is using this? PoS: Compressor
published 3 days ago by Richard (10 comments)

Craigslist Outage
published 3 days ago by tony (1 comment)

More Trouble For Hikvision DVRs
published 4 days ago by Dr. J. (0 comments)

View All Diaries →

Latest Discussions

CTF365 strange email
created 3 days ago by Alex (1 reply)

pasban
created 3 days ago by Anonymous (0 replies)

Marketing automation software vulnerabilities
created 1 week ago by Anonymous (0 replies)

Odd program from Google Chrome?
created 1 week ago by xParticle (2 replies)

How to handle with flood of spamy comments for a wordpress-based site?
created 2 weeks ago by height (0 replies)

View All Forums →

Latest News

View All News →