Wednesday, February 23, 2011

Iranian cyber army strikes again hitting Voice of America || #iDEFENSE #ISRAEL

Iranian cyber army strikes again -- hitting Voice of America

A Network Solutions account was compromised by the same group that changed DNS settings for Twitter and Baidu a year ago

The pro-Iran hacktivist group that defaced the Baidu and Twitter Web sites a year ago has hit another target: the U.S. Government's Voice of America news site.

Voice of America was knocked offline temporarily Monday after hackers were able to change the organization's DNS (Domain Name System) settings, redirecting Web traffic hitting Voice of America sites to another site controlled by the hackers.

"On Monday, February 21, VOANews.com's primary domain, along with numerous related domains registered with Network Solutions, were hacked by an unknown party. This enabled the hacker to redirect VOA URLs to a site claiming to be run by a group called the 'Iranian Cyber Army,'' Voice of America said Tuesday in a statement posted to its Facebook page.

Visitors to the Web page saw a statement addressed to U.S. Secretary of State Hillary Clinton, telling the U.S. to "stop Interfering in Islamic countries."

Breaking into domain name registration accounts and redirecting Web sites is a favorite tactic of the Cyber Army, and it has pulled off this attack numerous times in recent years. The group posted similar messages in the Twitter and Baidu incidents.

After it was hacked, China's top search engine company, Baidu, sued its domain name registrar, Register.com, claiming that hackers got into the account by pretending to be Baidu representatives in an online chat with the registrar's tech support staff. That lawsuit was quietly settled at the end of November.

The Web site Shortwavepirate.info has compiled a list of Web sites hit by the Cyber Army.

Most of the Voice of America sites have now been restored, and no data was lost due to the incident, said Network Solutions Director of Social Media Shashi Bellamkonda, in an interview Tuesday. He wouldn't say exactly how the hackers were able to change the DNS. "It isn't a hack or a breach of Network Solutions services," he said. "The DNS was changed and we helped the customer reset it."

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

http://www.techworld.com.au/article/377622/iranian_cyber_army_strikes_again_-...

Posted via email from Whistleblower

No comments:

Post a Comment