News links on Washington Post, Time and CNN hacked
By Chris Boyette@CNNTechAugust 15, 2013: 5:33 PM ET
NEW YORK (CNNMoney)
A hacking group on Thursday attacked The Washington Post, CNN and Time by breaching a news recommendation engine that appears on those websites.
Hacked news links were redirecting to a site controlled by The Syrian Electronic Army. The hacking group, which supports Syrian President Bashar al-Assad, has taken credit for several prominent attacks recently.
The Syrian Electronic Army hacked recommendation service Outbrain, which is used by several prominent websites, including CNN, Time and the Washington Post. Outbrain took down its tool on Thursday, and the media companies disabled the service as a precautionary measure.
Emilio Garcia-Ruiz, managing editor of the Post, said the affected links were only displayed on the site for about a half hour. CNN spokesman Matt Dornic said CNN's websites were not directly penetrated. CNNMoney, which also uses Outbrain's service, was not affected by the hack.
In a tweet, the Syrian Electronic Army said that it attacked the Post, CNN and Time "in one strike" by hacking Outbrain.
"We are working diligently to investigate the cause and the measures to prevent this in the future," said Yaron Galai, CEO of Outbrain, in a letter to publishers. "Once we feel that the service is stable, we will bring back the service again."
The Post also said the Syrian Electronic Army launched a sophisticated phishing attack against one of its staff writers a few days ago. The hacking group used the writer's personal account to send out a Syrian Electronic Army message.
On Tuesday, the pro-Syrian hacking group took credit for hacking the New York Post's Facebook page and Twitter feeds of some of some Post reporters, in addition to hacking the social media sites and blog of social media content manager SocialFlow.
The website of the New York Times went down on Wednesday for a couple hours, prompting speculation hackers were responsible, but a spokeswoman for the paper said the outage was the result of complications associated with a scheduled maintenance update
Over the past few months, the group claims to have hacked British broadcaster the BBC, The Financial Times, The Associated Press, CBS(CBS) News and NPR, as well as Columbia University and Human Rights Watch.