Yesterday, SEA hackers have hacked US costumer identity management platform, "Gigya" which is used by many of the popular media sites.
Same like always SEA hackers have tweeted about there hack and also posted the hacked domain control panel of the Gigya.
Happy thanks giving, hope you didn't miss us! The press: Please don't pretend #ISIS are civilians. #SEA pic.twitter.com/ZXzMWbXoYp
— SyrianElectronicArmy (@Official_SEA16) November 27, 2014
CBC, CNBC, Forbes, OK magazine, The Chicago Tribune, The Daily Telegraph, The Independent and The New York Times
Gigya CEO Patrick Salyer have explaind how hackers have managed to hack the Gigya, which effects more than 80 popular media sites.
At approximately 6:45 AM EST we identified sporadic failures with access to our service. An initial inquiry has revealed that there was a breach at our domain registrar that resulted in the WHOIS record of gigya.com being modified to point to a different DNS server.The hack was for short period of time as Gigya have recovered its compromised account and also restored back the changed DNS. Some users of the affected sites were redirected to an image of the group's crest set against a black background, and many of them were met with a message saying "You've been hacked by the Syrian Electronic Army (SEA)."
That DNS server had been configured to point Gigya's CDN domain (cdn.gigya.com) to a server controlled by the hackers, where they served a file called "socialize.js" with an alert claiming that the site had been hacked by the Syrian Electronic Army - Salyer wrotes.
The Telegraph and The Independent have also confirm about the attack on their Twitter account and both of them confirms that non of the users data was affected.
A part of our website run by a third-party was compromised earlier today. We've removed the component. No Telegraph user data was affected.
— The Telegraph (@Telegraph) November 27, 2014