Outbrain announced today that an employee fell for a phishing attack, giving a group of pro-Syrian regime hackers access to its systems.
Yesterday, the Syrian Electronic Army hacked into the Washington Post, redirecting some of the publication’s posts to the SEA website. The hackers were able to access the Washington Post site after compromising content partner Outbrain. Outbrain runs a widget that takes content already existing on your website and re-promotes it to your existing visitors. Outbrain says that when the SEA got inside its widget, it was able to either promote its own name or redirect the website.
Hackers use phishing attacks to lure victims into handing over sensitive information without them knowing it. In many cases, these messages and emails look like legitimate requests for login information, financial information, and other personal information.
For Outbrain, the SEA sent an email that looked like it came from the company’s chief executive. The email contained a “link from a prominent news source, which redirected to a page asking Outbrain employees to input their credentials.” One employee fell for the trick.
Outbrain says that in order to make sure this does happen again, it is pushing a company and customer-wide password reset and requiring all of its employees to use two-factor authentication. Furthermore, it has brought on an unnamed security partner to look at the forensic data and is monitoring its code hourly to ensure that the SEA didn’t put in back doors.