Syrian Electronic Army hack hits sites using Gigya, but all data safe

By exploiting a hole in the system that handles domain names such as independent.co.uk, hackers were able to re-direct users

Sites using the popular Gigya comment platform were attacked by the Syrian Electronic Army (SEA) today, as hackers used the system that handles domain names to send them SEA messages and re-direct them to different websites.

The Gigya platform itself was not hacked, said experts, and no user data is or was in jeopardy.

The attack hit websites across the world, including news websites and those of sports teams and leagues.

Hackers attacked the Gigya DNS entry at GoDaddy. GoDaddy is a domain registrar that manages domain names, and DNS (Domain Name System) is a technology used to translate domain names such as independent.co.uk into directions to the website itself.

The attackers were able, in some cases, to change those instructions to point towards messages or images, hosted on other websites.

Some users saw messages that said “You’ve been hacked by the Syrian Electronic Army,” while others were re-directed to a page on image hosting site Imgur that showed a crest often used by the group.

Gigya and GoDaddy worked together to fix the issue, which has now been resolved. The redirection is now removed, though the fix might take some time to be shown for all users.

Patrick Salyer, Gigya's CEO, said that no data had been compromised and none was ever at risk.

"Neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised," he said. "Rather, the attack only served other JavaScript files instead of those served by Gigya."

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in