The Syrian Electronic Army (SEA) defaced a number of Western websites yesterday, in an attack timed to coincide with American Thanksgiving celebrations.
The Daily Telegraph, the New York Times and the Canadian Broadcasting Corporation were among those hit in the attacks, which posted a message from the SEA and redirected users to the group’s logo on some website pages.
A message posted to the group’s Twitter page read: "Happy Thanksgiving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA."
The hackers, who sympathise with Syrian president Bashar al-Assad and oppose Isis, targeted a third-party widget belonging to the ID management firm Gigya, following a breach against its account with domain registrar GoDaddy.
One of Gigya’s domain name servers, which point readable URLs to website IP addresses, was said by the company to have been redirected towards a server controlled by SEA, which contained the group’s message.
"To be absolutely clear: neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," said Patrick Salyer, chief executive of Gigya.
"Rather, the attack only served other JavaScript files instead of those served by Gigya"