Reuters blog site hacked, fake Syria-related stories posted

The blog site of one of the world’s leading press agencies, Reuters, was hacked today and several Syria-related news stories were posted, the company has revealed.

Reuters says that the stories posted concerned movements of anti-regime troops in Syria. The hackers had access to the site for long enough to post at least two fake stories both of which were attributed to actual reporters for the company.

One fake story posted on the site claimed that Riad al-Asaad, the head of the Free Syrian Army (FSA), was pulling troops back from the northern city of Aleppo after fighting with the Syrian Army (The Google Cache for the page is still active but may be gone when you click this).  The story was posted at 09:43 (apparently US time) and was indexed by Google about an hour later.

Reuters said today,

“Reuters did not carry out such an interview and the posting has been deleted…Reuters journalists in Aleppo have reported Free Syrian Army fighters are still present in the city and outlying province.”

The publication of the fake story led the FSA to issue a statement saying that such an interview had not taken place.  According to the Associated Press another post claimed that “rebels had acquired chemical weapons from Libya and were preparing to smuggle them into Syria.”  The posting went on to say the chemical weapons posed a security threat to Europe.

Reuters says that it has no information about who was behind the hack, although the AP reports that one group loyal to the regime had threatened to target “fake revolution” websites.

We do know that both stories appear to have been written by non-English speakers.  One post reads, “His stockpile is thought to contain mustard gas and sarin, two dangerous agents that can induce death or permanently disabilities along large areas [sic].”

Metadata for the two known fake stories show that they were published within 45 minutes of eachother, although both posts could have been set to go live at specific times.

Concerned for the company’s reputation, Reuters stressed that it was the company’s blogging platform that was hacked and not the main website.  The company’s blogging platform is built on WordPress, which has become an industry standard for professional news agencies, and is generally considered as a platform that can be secured.

Although, as recent events have shown, determined hackers are able to circumvent highly secure sites.  In the past year, the Irish Police, Sony, NATO, the CIA, the UK’s Serious Organised Crime Agency (SOCA), and others, have been subject to various forms of hacks.

Reuters has not released any information about how the hackers got in, whether through WordPress or by targeting the domain itself.  The Reuters blog is hosted on its own sub-domain, blogs.reuters.com.