Syrian Electronic Army (SEA), a pro-hacker group supposed to be aligned with Syrian President Bashar al-Assad has again gain media attention by compromising a number of popular news websites and displayed a Thanksgiving popups informing people that they've been hacked.
The Forbes, The Independent, The Chicago Tribune, The Daily Telegraph, The London Evening Standard, broadcaster CNBC, PC World and the US National Hockey League were among those popular websites affected by the group.
This time they apparently targeted a third-party widget that is used by all those compromised websites. It is being reported that the hacker group found a way into registrar GoDaddy to compromise DNS records for the Gigya, a customer identity management platform used by all the sites.
The visitors to the site were shown the above image. The Telegraph admitted it had been "compromised" and blamed a "third party" (which is Gigya) widget used by the website, the Telegraph tweeted after being hacked.
"Some calls to Gigya domains were redirected to the hackers site or showed a hacking message to end users", Gigya said in a statement to El Reg. "It might take some time until the changes propagate to all users. We have worked with GoDaddy to resolve the issue and the redirection was removed."
A Twitter account linked to the SEA group claimed responsibility for attacking Global media organizations, appearing to link it to ISIS — a reference to the Islamic State terrorist organization, which is fighting against Syria's President Bashar al-Assad.
"Happy thanksgiving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA," said a message posted by the group to a Twitter feed.