Syrian Electronic Army has managed to gain access to ShareThis.com’s GoDaddy account following which it altered the nameserver details thereby redirecting all the traffic destined for ShareThis.com to SEA’s official website.
As a proof of the hijack, SEA posted a snapshot of the hacked account through a tweet. Cisco has been seemingly keeping a close eye on the events and has confirmed that ShareThis.com’s account has been overtaken by the hacking collective.
Cisco revealed that typically the domain’s nameservers were pointing to Akamai but, after August 21 the nameservers were pointing to those used by Syrian Electronic Army. Cisco noted in a blog post, “A whois lookup informs us that the ‘sharethis.com’ domain name is registered at GoDaddy, and typically it has its nameservers pointed to Akamai. However starting on the 21st of August, the nameservers for ‘sharethis.com’ were pointed to nameservers used by the Syrian Electronic Army.”
ShareThis tweeted the very same day that they were experience technical difficulties and that they will be back soon. On August 22, the company tweeted that the service was back up and running normally. The company hasn’t acknowledged the hack publicly.
Further, the hacking collective has also claimed that they have managed to gain access to one of the official email accounts of the company. Hackread.com has got a couple of screenshots of the hacked email account. From the contents of the email it is evident that the company is well aware of the hacked GoDaddy account but, it has refrained from publicly accepting the same. Further, the internal mail also reveals that all employees were asked to change their email address passwords.