Syrian Electronic Army inspired by previous Anonymous hack of Melbourne IT?
By Chris on August 30, 2013
Reposted from Social Media Threat.
Earlier this week, the New York Times, Twitter, and the Huffington Post UK experienced disruptions to their websites that included visitors being redirected to sites belonging to the Syrian Electronic Army. The hackers redirected traffic to these sites after gaining unauthorized administrative access to domain registrar Melbourne IT systems. Access was gained via a phishing attack on a yet to be named reseller.
This was not the first significant breach of Melbourne IT’s security. Past attacks that occurred in May 2009 and July 2012 exploited infrastructure vulnerabilities rather than social engineering used in this week’s attack. The first hack in 2009 targeted a subsidiary, Domainz, while the second in July 2012 carried out by members of Anonymous leveraged a vulnerability in Adobe’s Cold Fusion environment.
Previous attacks on Melbourne IT were executed differently and achieved distinct results including company website defacements in 2009 and stolen data in 2012. Both previous attacks were politically motivated. A hacker affiliated with the SEA, Th3 Pr0, provided an email response to inquiries by Business Insider that indicates Melbourne IT was targeted based on its customers: Twitter, which has repeatedly shut down SEA accounts, and the New York Times, which follows the group’s ongoing disinformation campaign.
Despite the differences, one wonders if Melbourne IT was viewed by the SEA as an ideal access point to Twitter and the New York Times based on successful previous attacks by its occasional associates at Anonymous.
Join Recorded Future and Oren Falkowitz, former Chief Data Scientist at United States Cyber Command, for a free webcast on September 4 discussing the rise of social engineering techniques in cyber operations.