Pro-Assad group the Syrian Electronic Army (SEA) announced Tuesday that it hacked several Endurance International Group (EIG) web hosts including BlueHost, JustHost, HostGator, HostMonster and FastDomain for allegedly hosting terrorist sites. The BlueHost Twitter account was also hacked.
“When asked by IBTimes UK which terrorist websites in particular it felt Endurance Group was hosting, the SEA pointed towards this tweet, which claims the group has hacked a website called Islam-Army.com which is offline at the time of publication (though a mirror of what looks like the hacked website can be found here),” according to IBTimes UK.
EIG is a publicly-held company and one of the largest domain registrars and web hosts along with GoDaddy, Wix and Web.com. It recently announced it will double the size of its headquarters in Burlington, Massachusetts. The group has had a rough year with several major outages at various brands.
The SEA post simply states, “Endurance Group including (Bluehost, Justhost, Hostgator, Hostmonster, FastDomain) was hacked by the Syrian Electronic Army for hosting terrorists websites. The SEA gained access to the local-control panels of all the those companies.” If this is the case, the group could have been able to cause significant damage to sites hosted by these brands.
“We gained access to all the local-control panels of the hosting companies after establishing 2 VPN connections to both Endurance and Bluehost local networks,” an SEA spokesperson told Techworm.
The group posted screenshots on Twitter showing the control panels of BlueHost and HostMonster. The SEA also posted a screenshot of the BlueHost name server settings. The group’s Twitter feed stated “Next time… we will change the DNS. #SEA cc @Bluehost”
— SyrianElectronicArmy (@Official_SEA16) March 30, 2015
“On Sunday evening, Bluehost’s Twitter account was compromised for a short period of time. We were able to regain control of that Twitter account within a few hours,” EIG told the IBTimes UK.
“We are viewing this as an unfortunate case of cybervandalism,” a spokesperson from EIG told the WHIR in an email. “We have taken appropriate measures to ensure that our platform is secure. No customer websites or services were disrupted. We are continuing to conduct a thorough review to ensure that our platform remains secure.”
The SEA focuses on attacking sites that are antagonistic to Syria and Palestine. Previous attacks include Tango, the Associated Press, US Marines, New York Times, The Washington Post, CNN and Huffington Post to name a few.