An online ad network used by the web site of the Reuters news service was the victim of a malicious attack by the Syrian Electronic Army on Sunday.
The Syrian Electronic Army claimed responsibility for a malicious ad attack that affected Reuters.com.
The attack, against the firm Taboola, resulted in visitors to Reuters.com being redirected to a web site operated by the Syrian Electronic Army, a pro-Syrian government group that has taken credit for attacks against The New York Times, The Washington Post, Reuters and other western news outlets in the last year.
According to a post on Taboola’s blog, attackers claiming affiliation with the Syrian Electronic Army (SEA) used a phishing attack to gain access to a Taboola-operated program on Reuters.com early Sunday.
The attacker then redirected visitors to articles on Reuters.com to a SEA website. Taboola said it detected the breach at around 7:25 AM East Coast time in the United States on Sunday and had resolved it by 8:00 AM the same day.
That is similar to the methods used by the SEA in an attack against The New York Times website in August, 2013. In that incident, SEA hackers used phishing e-mails to harvest credentials from a U.S.-based reseller of Melbourne IT, the Australian hosting firm and DNS provider used by the Times. They then used their control over that account to point nytimes.com – the Times’s main web site – to a landing page displaying an SEA banner.
In his blog post, Taboola’s founder and CEO said that the company uses two-factor authentication to control access to employee accounts – so it is unclear how the SEA were able to hijack an employee’s account. The company said it has since changed all access passwords and will continue investigating the issue.
The use of online ad networks to spread malicious attacks is becoming more popular among cyber criminal groups. In the attacks, malicious ads are inserted into online ad services. They then pop up on the sites of customers who subscribe to the service – giving malicious actors exposure to the viewing population of popular, commercial sites.
Recently, the Interactive Advertising Bureau (IAB) proposed strict new rules and regulations that would require stricter oversight of online advertisers, and adherence to best practices to prevent unsavory actors from slipping malicious ads into otherwise reliable commercial ad networks.