Web.com DNS hijack: How hacktivists went on a mass web joyride spree

Web.com has promised to beef up its security and hire more staff after hacktivists hijacked its DNS records and diverted visitors away from various websites. The websites for freebie antivirus firms AVG and Avira, computer security toolkit Metasploit, and mobile messaging outfit WhatsApp were all successfully targeted by a pro …

COMMENTS

This topic is closed for new posts.
  1. James O'Shea

    Well, that's such a good idea

    I know that if _I_ had my time wasted by idiots trying to get across a political point by hijacking my web connections, _I_ would definitely be prone to taking their side.

    Or maybe not.

    Y'all sure that those 'Palestinians' aren't really being run from Tel Aviv?

    1. Anonymous Coward

      Re: Well, that's such a good idea

      >>Y'all sure that those 'Palestinians' aren't really being run from Tel Aviv?

      More like Glilot. Unit 8200, basically the Israeli NSA, is not located in Tel Aviv.

      But I kind of doubt it. Israelis would be hijacking the computers for botnets, not just modifying DNS records to redirect users toward whatever. The Iranians also tend to try to build botnets from what's been observed so far. But with no malware being dropped, it was either a target of opportunity or a PR stunt.

      1. James O'Shea

        Re: Well, that's such a good idea

        You mean that the 'Palestinians' really are that eff'n STUPID!?

        Bloody hell. That's umpty-ump _thousand_ potential supporters that they just pissed off... Idiots.

  2. frank ly

    In another area of life

    If my bank received a fax, with my name at the bottom, asking to transfer a large amount of money to a certain Nigerian bank account, I wonder what they'd do.

    1. Fatman

      Re: In another area of life

      >If my bank received a fax, with my name at the bottom, asking to transfer a large amount of money to a certain Nigerian bank account, I wonder what they'd do.

      That might depend on whether or not the fax contained your signature. A signed order most likely would be honored, as it isn't that much different from a check (cheque for those on the east side of the pond).

      1. Jamie Jones Silver badge
        Facepalm

        Re: In another area of life

        I hope you aren't serious!

        Obviously a faxed signature could easily be copied/pasted!

        1. kain preacher

          Re: In another area of life

          If the proper forms were filled out and signed, yep it could happen. Of course some banks would require you to fax over photo ID. But it's not like ID could be faked or impossible to read via fax. So nothing to worry about.

          1. Jamie Jones Silver badge
            Stop

            Re: In another area of life

            Eeeeeeeeeeeek!

          2. Stevie

            Re: In another area of life

            Money transfers are not quite that simple even between banks in cooperating western nations. Every time I've been involved in a funds transfer the sender has had to appear in person to make the request.

            However, these were all personal account transactions, and businesses obviously cannot work that way.

            Under New York/Federal Statutes, the transaction described is clearly a fraud and the individual who presumably did not sign the transfer instrument would not be liable for the funds in most cases (some exceptions mostly having to do with unregulated accounts or very large sums of money exist that would complicate the outcome).

            If you would like to test the law in your jurisdiction, simply have someone else send a fax requesting funds be transferred from your account to:

            Stevie Nest Egg Account

            Alpenschtock Fiscal Reserve (Routing Code 84115)

            Hoordinon D.Q.T.

            Zurich, Switzerland

            Should the funds arrive I will confirm the success of the experiment and immediately return the money. I cannot, of course, stand as guarantor for misdirected funds lost in transit.

    2. Dan 55 Silver badge

      Re: In another area of life

      Nothing, unless you'd previously told them that it was okay for them to receive orders by fax.

    3. Wzrd1 Silver badge

      Re: In another area of life

      Don't know about your bank, but Network Solutions would most certainly invest.

    4. CommanderGalaxian
      FAIL

      Re: In another area of life

      >If my bank received a fax, with my name at the bottom...

      Speaking from personal experience, don't be surprised if they do. Thankfully I did get it back, not least (and perhaps luckily) as it could easily be seen that I couldn't be at a cash machine in one country while simultaneously sending a fax from another.

  3. Anonymous Coward

    Interesting. The only traffic I ever saw from a web.com IP was spam.

  4. This post has been deleted by its author

  5. Gerhard Mack

    Why does anyone even use NetSol at this point?

    I don't get why anyone even trusts them to fix their internal processes. Network Solutions has known about this method of hijacking domains for over a decade and has still done nothing about it other than to argue in court that it's not their problem and they have no responsibility to fix it when it does happen.

  6. Franklin

    Wait, what?

    People still use Network Solutions as their domain registrar?

  7. Anonymous Coward

    Fit for the clueless

    The clueless want less protection of communications.

  8. taxman
    Facepalm

    Head... meet desk

    THUD!

    THUD!

    THUD!

    THUD!

  9. chuBb.

    Bloody NetSol

    Nice to know that they haven't updated the change DNS process there in over 12 years.

    If I remember correctly, to change the DNS password all I had to do was:

    Fax request to change password on company letter headed paper, any company would do.

    Fax photo id with same name on it as the registered domain owner, if the domain was registered to a company any ID would do.

  10. Caesarius
    Meh

    No compromise?

    >Our website was hijacked for a small period of time, during which attackers redirected our website to another IP address. We can confirm that no user data was lost or compromised.

    If the fake website managed to catch any username/password data, then those accounts are compromised and the owners of the real website would not know, so they cannot confirm any such thing.

    Did I miss something?

  11. Anonymous Coward

    Typical advertising blunder...

    "KDMS boasted that its tactics allowed it to get their political message to 850,000 surfers."

    So, another group that subscribes to the 'any publicity is good publicity' school of thought.

    However, here in the real world, that's 850,000 more people that they've annoyed or frustrated - and who probably think they can stick their political message where the sun doesn't shine.

  12. Stevie

    Bah!

    Oh, it's all fun and games until you hack the wrong website and end up with a drone-fired missile coming through the living room window.

  13. dotfnord

    There must have been something else going on here

    There must have been something else going on here. To have had so many high traffic sites successfully socially engineered at about the same time by (presumably) the same group just doesn't pass my smell test. The addendum regarding 'just the (no) fax ma'am' further muddies the water.

    I had to deal with Register.com about a decade ago to access a client's lost DNS account password. All it took was a phone call from Canada to the US, which hardly filled me with confidence. Meanwhile the newly assigned password didn't work, however simply hitting the enter key when prompted for the password did the trick. NetSol or NSA, they sure have strange ideas about security.
