Stuff.co.nz hacked by Syrian electronic army?

Forums › Off topic › Stuff.co.nz hacked by Syrian electronic army?

surfisup1000

5288 posts

Uber Geek
+1 received by user: 2159

#157343 28-Nov-2014 00:54

I opened up Stuff a short while ago and had a window popup saying...

"
The page at www.stuff.co.nz says:
You've been hacked by the Syrian Electronic Army(SEA)
"

Then, I was diverted to some arabic banner page.

But, I reloaded a minute later and the stuff page was restored.

1 | 2

5346 posts

Uber Geek
+1 received by user: 3317

Trusted

#1184562 28-Nov-2014 01:20

I guess even the Syrians are annoyed at how dumb stuff is these days.

Whatifthespacekeyhadneverbeeninvented?

benokobi

936 posts

Ultimate Geek
+1 received by user: 127

ID Verified

#1184564 28-Nov-2014 01:25

DarthKermit: I guess even the Syrians are annoyed at how dumb stuff is these days.

Don't get me started lol. An article on the page this evening about some Chinese stuff said it was sold for 75 million dollars. Then in the article they made no mention of that price and said US45 million ($NZ57 million) And on the desktop page it uses all three prices in the blurb on the front page of their site..

Edit

Went back and looked closer and found the title uses another price in the latest headlines section of the site and world with 75 mil.

The quality of their website and of the paper I read (Southland Times) seem to be getting worse. The paper has a new layout and their is a new section called "This is us" It contained a women who was explaining to the newspaper how she was going to get winz off her back and how she had a albino nephew who couldn't see and was funny.

I think it's embarrassing that the newspaper groups all of southland together with a winz scamming cheat when some of us aren't like that.

FrozenXZeus

2 posts

Wannabe Geek
+1 received by user: 2

#1184566 28-Nov-2014 01:34

This actually happened to me as well, what browser were you using? I was using Chrome and it derped, I switched to IE and it was OK, I uninstalled chrome and reinstalled it, and it was ok again.

surfisup1000

5288 posts

Uber Geek
+1 received by user: 2159

#1184567 28-Nov-2014 01:37

FrozenXZeus: This actually happened to me as well, what browser were you using? I was using Chrome and it derped, I switched to IE and it was OK, I uninstalled chrome and reinstalled it, and it was ok again.

I was using chrome, but there was no need to reinstall.

FrozenXZeus

2 posts

Wannabe Geek
+1 received by user: 2

#1184569 28-Nov-2014 01:40

surfisup1000:

I was using chrome, but there was no need to reinstall.

I guess the possible explanations are:

1) Hacked Chrome plugin with javascript injection, but if I had that I'd hack every site
2) We just happened to drew the short straw when clicking on Stuff, which would explain why after a while, when the browser cache cleared, it was ok
3) DNS poisoning? But it worked fine on IE

scormier

1 post

Wannabe Geek
+1 received by user: 1

#1184570 28-Nov-2014 02:16

I had the same thing happen to me just now on a different website

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

SaltyNZ

8862 posts

Uber Geek
+1 received by user: 9539

Trusted

2degrees

Lifetime subscriber

#1184577 28-Nov-2014 07:05

benokobi:

I think it's embarrassing that the newspaper groups all of southland together with a winz scamming cheat when some of us aren't like that.

Only some of you? ;-)

iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

These comments are my own and do not represent the opinions of 2degrees.

kol

11 posts

Geek
+1 received by user: 5

Trusted

Vocus

#1184592 28-Nov-2014 07:42

I believe this is related to a compromised JS file Stuff uses via the cdn.gigya.com CDN (specifically http://cdn.gigya.com/js/socialize.js)

http://www.theguardian.com/technology/2014/nov/27/syrian-electronic-army-hacks-independent-ok-magazine-and-nhl

Kiwifan

181 posts

Master Geek
+1 received by user: 127

Lifetime subscriber

#1184594 28-Nov-2014 07:44

Just had the same message on the iPad researching Route 66 on Google. Closed the link and have had no further messages. Weird.

freitasm

BDFL - Memuneh
80652 posts

Uber Geek
+1 received by user: 41034

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1184596 28-Nov-2014 07:46

Ah, using third party scripts for social media sharing, instead of hosting one yourself.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

jonathan18

7415 posts

Uber Geek
+1 received by user: 2850

ID Verified

Trusted

#1184744 28-Nov-2014 10:27

Stuff article on the problem: http://www.stuff.co.nz/technology/63625909/why-stuff-comments-and-log-ins-are-missing.html

Geekzone

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).

ckc

321 posts

Ultimate Geek
+1 received by user: 100
Inactive user

#1184762 28-Nov-2014 10:41

No more comments? Best thing that happened to Stuff in years. Might actually read it now.

dclegg

2806 posts

Uber Geek
+1 received by user: 810

Trusted

#1184792 28-Nov-2014 11:19

I received this email from Stuff about the hack

Hi there,
We'd like to reassure you regarding an issue that a number of our users have experienced this morning.

A worldwide hacking operation hit several major companies and media websites overnight, including stuff.co.nz.

There is no reason to believe any personal data was compromised.

Gigya, a third-party United States company which provides commenting and sharing services, had its domain registrar breached, which resulted in websites pointing to a new website, operated by the Syrian Electronic Army, when people tried to access them.

Stuff.co.nz was affected, along with Forbes, The Independent, The Daily Telegraph, The Chicago Tribune, Italy's La Repubblica and The Los Angles Times.

Companies including Dell, Microsoft, Ferrari and humanitarian organisation Unicef were also targeted.

The hack resulted in an image with the text "You've been hacked by the Syrian Electronic Army (SEA).

Gigya chief executive Patrick Salyer has advised that at no point was any user data compromised.

"To be absolutely clear: neither Gigya's platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised. "Rather, the attack only served other JavaScript files instead of those served by Gigya."

Our editor, Patrick Crewdson, would like to assure you that your personal information is safe.

"We treat any breach of services we use very seriously. We have no reason to believe any user information was compromised, and we're working with Gigya to make sure such a breach doesn't happen again."

If you've been affected, thanks for your patience while we deal with this matter.

Regards,
The team at Stuff.co.nz

YouOriginal

1 post

Wannabe Geek

#1184846 28-Nov-2014 12:16

Have any of you ever had dealings with stuff?? NZ media is a joke... TVNZ I went exclusive on a video with them then they tried to tell me I was not the owner of my footage, had to do a DMCA take down to get taken seriously. They had no record of the deal but showed the video on nation wide telly and uploaded it 6 times as a website video. As for stuff well that was the biggest stuff around I have ever had twice. Made me give up news videos and concentrate on music. Best thing I ever did $$ \m/

trig42

5889 posts

Uber Geek
+1 received by user: 2094

ID Verified

#1184849 28-Nov-2014 12:22

Had the issue at work this morning, one user on IE and a couple of Chrome - worried they had a virus.
Checked on mine and was working, got them to refresh page and it was OK. Obviously they got it sorted pretty quick.

Funny, looking at the email they sent to dclegg above, they are bunched in with some quite reputable websites/newspapers. Pity their content isn't up there with those.

1 | 2