Those who tried to see the Washington Post on a mobile device on Thursday picked up pop-up messages from the well-known Syrian Electronic Army (SEA) cheating team.
One of the texts has told visitors that the page has been violated, while others have been propagandistic about military operations in Syria and Yemen.
In fact, the company's web server and website were not compromised. Hackers managed to display their messages through it services Instart Logic, a content distribution network (CDN) used by the company.
So those users who tried to access the Washington Post website from their mobile phones were automatically redirected to a different website controlled by the hackers. All this space the address bar of the proletterbrowser showed that you were on the correct website.
According to the newspaper, the site was under the control of hackers for about 30 minutes and no damage was caused.
Shailesh Prakash, the Washington Post's chief security officer, said the attack it affected "the mobile site" but this did not affect any of the published articles.
Kenn White, a computer scientist in North Carolina, was able to get the JavaScript code used by hackers to display the following alerts:
"You have been hacked by the Syrian Electronic Army!"
"US govt is training the terrorists to kill more Syrians."
"Saudi Arabia and its allies are killing hundreds of Yemens people everyday!"
“The media is always lying.”
The offense had no other consequences, Syrian Electronic Army could easily (if they wanted) direct the company's visitors to a website that distributes malicious software.
But this group of hackers does not get used to such actions, since their motivation is not economical.