Original URL: https://www.theregister.com/2012/08/17/reuters_blogs_hacked_again/

Breaking news, literally: Reuters hacked third time this MONTH

Buggy blog blamed

By John Leyden

Posted in Security, 17th August 2012 16:02 GMT

Reuters websites were hacked for third time in a fortnight when hackers posted a bogus article falsely claiming that Saudi Arabia's foreign minister Saud al-Faisal was dead.

The planting of the false report follows two similar attacks earlier this month. First, a bogus piece stating that the Syrian rebels were retreating appeared on a blog run by the news agency. Then, just days later, Reuters' Twitter feed was hijacked to post pro-Syrian government messages.

Reuters acknowledged the latest breach in a statement that provides few clues about who carried out the latest breach, or how the hack was pulled off.

"Reuters.com was a target of a hack on Tuesday. Our blogging platform was compromised and a fabricated blog post saying Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died was illegally posted on a Reuters journalist's blog on Reuters.com," the statement explains. "Reuters did not report the false story and the post was immediately deleted. We are working to address the problem."

The news agency uses the WordPress platform for blogging. One plausible theory is that a vulnerability in this widely used package was used to pull off the latest attack, but this remains unconfirmed. ®