This was not a story published by Reuters, but it was what visitors to the site saw earlier today.
The Syrian Electronic Army has made old hat of hacking major US media outlets throughout the past year, and Reuters was no exception. However, while visitors to the news outlet’s site undoubtedly noticed the SEA’s handiwork on display temporarily this afternoon, security researcher Frederic Jacobs is reporting this latest breach was not due to any wrongdoing from Reuters.
Users trying to read the story “Attack from Syria kills Israeli teen on Golan, Israel says” (restored as of Sunday evening) were redirected to the message above at times throughout the day. And on Medium, Jacobs wrote that SEA compromised the site by targeting the New York-based ad network Taboola. While the security researcher is unsure of how SEA managed to compromise Taboola (based on previous attacks, he hypothesizes a phishing campaign like what The Onion faced), Jacobs had a pretty good idea as to why.
“By compromising Taboola, the value of the compromise is significantly higher than just compromising Reuters,” Jacobs wrote. “Taboola has 350 million unique users and has partnerships with the world’s biggest news sites including Yahoo!, the BBC, FoxNews, the New York Times… Any of Taboola’s clients can be compromised anytime now.”
Read 1 remaining paragraphs | Comments