A number of online services were impacted by what has been referred to by multiple sources as a redirection attack by Syrian Electronic Army (SEA) emanating from the Gigya CDN. The issue was described as follows: Gigya explained that earlier today at 06:45 EST, it noticed sporadic failures with access to our service. The organization than found a breach at its domain registrar, with the hackers modifying DNS entries and pointing them away from Gigyas CDN domain, instead redirecting to their own server, which distributed a socialize.js file, namely the pop-up seen by everyone. Affected sites included Verizon, The Telegraph, The Independent, Forbes, Time Out, PC World, The Evening Standard, CNBC, and others.
The resulting pop-up simply stated Youve been hacked by the Syrian Electronic Army.">| font-family: ">@holisticinfosec
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
