BY DEREK MEAD
Yesterday, the Syrian Electronic Army appeared to have taken over the New York Times, Twitter, and Huffington Post UK domains. At the very least, the SEA wrote its name as the registered owners of the domains, according to Whois searches.
The SEA gained access to the domains through a little-known registrar named Melbourne IT, which the SEA noted had weak security before also taking down that firm’s site.
Melbourne IT website hacked with a brief message | https://t.co/H1KOPgK5xx #SEA #SyrianElectronicArmy
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
Curiously, the SEA tweeted this morning that it had targeted the NY Times site in order to deliver an anti-war message, but its servers couldn’t handle the load. A copy of the message is now on Pastebin.
The @nytimes attack was going to deliver an anti-war message but our server couldn’t last for 3 minutes #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
Our website and domain are now down, but it was worth the attempt, for #Syria and world peace. #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
The SEA says it took down Twitter in protest of the conflict in Syria—as well as bad tweeting, apparently.
We placed twitter in darkness as a sign of respect for all the dead #Syria-ns due to the lies tweeted it. #TWimg #SEA
— SyrianElectronicArmy (@Official_SEA16) August 28, 2013
Even if the attacks didn’t last, taking over domains via the registrar seems to be a bit more advanced than the phishing schemes the SEA used to hack the Onion and other news organizations. Does that mean the SEA is getting more skilled? Possibly. It also means that a whole lot of major websites still have pretty lax security.