Security analysts at Intelligence firm InterCrawler published the details of the investigation on recent attack against CNN Blogs and social media accounts. Recently a few social media accounts belonging to CNN and blogs were compromised, including CNN’s main Facebook account, CNN Politics’ Facebook account and the Twitter pages for CNN and CNN’s Security Clearance. At the same time blogs Blogs for Political Ticker, The Lead, Security Clearance, The Situation Room and Crossfire were hacked.
According to cyber intelligence firm IntelCrawler, attackers conducted a multi-stage spear phishing attack against CNN and Turner employees to obtain information used in successive attack to CNN blogs, as well as some third party publishing platforms based on WordPress and Hootsuite.
The e-mail messages appear to come from a trusted source, like colleagues or partners, and allowed attackers to compromise several of corporate e-mail accounts and started to spread malicious links which in fact led to a fake authorization page for Microsoft Outlook Web App. Details at the Security Affairs Blog: