The Financial Times was hacked Friday by hackers aligned with Syrian President Bashar al-Assad, the Syrian Electronic Army. The attack follows hacks against the Twitter accounts of other publications, including the BBC, NPR, Reuters and the AP. Both the FT website and Twitter feed were hit. Stories on the FT's site had their headlines replaced to read "Hacked by Syrian Electronic Army," and messages on the FT Twitter feed read, "Do you want to know the reality of the Syrian 'Rebels?'"
The hackers carried out the attack using the popular spearphishing tactic. Via the New York Times:
Researchers who have been conducting digital forensics on these attacks say they are done through so-called spearphishing, in which attackers send e-mails that contain a link to a fake news article to employees at their target organization.
Once clicked, the link redirects employees to a fake Google or Microsoft mail site that asks the employee for their user name and password. The hackers then use that information to get inside employees’ inboxes, where they can send more e-mails to employees who have access to the organization’s social media accounts, then use that access to reset the organization’s password to their Twitter account.
... Meanwhile, the Syrian Electronic Army itself became a hacking target this week. Anonymous, the loose hacking collective, took the group’s Web site offline in a type of digital attack called a distributed denial of service, or DDoS, in which they flood the site with traffic until it collapses under the load.
Shares