Categories: SecurityWorkspace

Hackers Hijack The Register And The Telegraph

Hackers hijacked the DNS records of a series of well known websites yesterday evening, including The Telegraph, The Register and Acer.

Visitors to the affected sites were redirected to a message from a Turkish hacking group that read: “We TurkGuvenligi declare this day as World Hackers Day.” The websites of Vodafone, Betfair, UPS and National Geographic were also hit in the same attack.

Hackers’ Turkish delight?

The hackers responsible told The Guardian in an email interview that they were expert in exploiting web vulnerabilities and did so for entertainment.

Reporting on the incident, The Register’s Drew Cullen wrote this morning that the site’s DNS (Domain name System) records were restored after around three hours.

He wrote: “The Register‘s website was not breached. And as far as we can tell there was no attempt to penetrate our systems. But we shut down access / services – in other words, anything that requires a password – as a precaution.”

Zone-h reports that the affected sites all share the same registrar, NetNames, saying: “It appears that the turk­ish [sic] attack­ers man­aged to hack into the DNS panel of Net­Names using a SQL injec­tion and mod­ify the con­fig­u­ra­tion of arbi­trary sites.”

Graham Cluley, senior technology consultant at Sophos, wrote on the Naked Security blog that it may take several hours for the corrected DNS information to propagate worldwide and warned users against logging onto affected websites.

“If you’re in the habit of visiting and logging into the affected sites, you might be wise to clear your cookies so the hackers aren’t able to steal any information from you,” he wrote.

The Internet’s phonebook

The DNS system acts as the Internet’s phone book, converting domain names such as eweekeurope.co.uk into machine readable numbers – the actual IP address. Its security is critical to the functioning of the internet.

In July, Nominet, the registry for.uk domain names began offering a free-trial of the DNS Security Extension (DNSSEC), which ICANN approved for use in the US last year.

It is designed to guarantee that DNS information returned in a query is valid, from the intended source and its integrity has not been compromised during transmission.

The secure protocol specifically protects against two types of attack known as “cache poisoning” and “man-in-the-middle attacks” that can be used to distribute malicious software and commit fraud by directing users to phony sites.

Back in December 2009, for example, the DNS settings for Twitter.com were hijacked, resulting in the redirection of around 80 percent of the service’s traffic to a site purporting to be under the control of the Iranian Cyber Army.

David Jamieson

Recent Posts

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

17 mins ago

US Supreme Court Agrees To Hear TikTok Appeal

US Supreme Court says it will hear appeal of TikTok and parent ByteDance against ban…

47 mins ago

Japanese Space Start-Up Destroys Second Rocket After Launch

Japanese start-up Space One destroys Kairos rocket for second time shortly after launch, as country…

1 hour ago

CATL Aims To Massively Expand EV Battery-Swap Infrastructure

World's biggest EV battery maker CATL aims to build 1,000 battery-swap stations next year, rising…

2 hours ago

Facebook ‘Restricted’ Palestinian News Content

Facebook has 'severely restricted' news content from Palestinian outlets since October 2023 amidst bias concerns,…

2 hours ago

Amazon Faces Strike Action In US Ahead Of Christmas

Amazon faces strike actions at facilities across US days before Christmas as union members authorise…

3 hours ago