The Hacker News
The Syrian Electronic Army (SEA) is at it again. The hacktivist group, who are known to back Syrian President Bashar al-Assad, has hacked many high profile Qatar based websites, including the Google, Facebook, Aljazeera and Government - Military websites.

Starting at about 4:25 am (GMT 5:30+), the Syrian Electronic Army shared this message on Twitter: Qatar is #down and following that, they went about switching off government and private websites using the .qa extension.

Cybersecurity

The domains are managed by Qatar's Ministry of Information and Communication (ictQatar). Apparently, the Syrian Electronic Army gained access to Qatar Domain Registrar (portal.registry.qa) and modifies the DNS entires to redirects the targeted websites to servers controlled by hackers serving defacement page, that include a picture of Assad and the groups logo, as shown.

The List of the targeted websites is posted on Twitter by hackers - these include:
  • moi.gov.qa
  • facebook.qa
  • gov.qa
  • vodafone.qa
  • aljazeera.net.qa
  • google.com.qa
  • ooredoo.com.qa
  • diwan.gov.qa
  • qaf.mil.qa
  • mofa.gov.qa
Another tweet from SEA shows that they have unauthorized access to Domain Registrar of Qatar:
The Hacker News

The SEA's high-profile media hacking spree began earlier this year. Among the victims of the group are The Financial Times, The Guardian, and the Associated Press. Most recently, the Washington Post got hit. The common running theme: the papers reported stories SEA didn't like.

At the time of reporting, most of the hijacked websites are still showing the deface page while other are now down. These attacks are one more example of why companies need to implement properly layered defense strategies.

Have you been affected?

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.