LinkedIn social networking site hit by DNS hijacking

Warwick Ashford

Professional networking site LinkedIn has been hit by a DNS hijacking attack, but the service appears to have been restored after two breaks, as shown by the monitoring service Down Right Now.

LinkedIn acknowledged a “DNS issue” in a tweet around 3am BST, saying its engineers were working on it, but had not issued an update since.

DNS hijacking can be achieved in several ways, such as using malware to subvert the resolution of Domain Name System (DNS) queries to redirect traffic to a DNS server under the control of an attacker.

App.net co-founder Bryan Berg was first to blog about the security risk, noting that, for at least an hour, all LinkedIn traffic had been sent to a network hosted by confluence-networks.com.

According to Berg, that site does not require SSL (secure sockets layer), which means that anyone who visited LinkedIn during the hijacking would have sent their long-lived session cookies in plain text.

Questions around security at LinkedIn were raised after a data breach in June 2012, when the professional social network confirmed that some of the stolen passwords posted online by a hacker corresponded to accounts on the site.

The confirmation came after reports that 6.5 million stolen password hashes had been posted on a Russian web forum and that hackers were working to crack them.

The stolen passwords had been hashed with SHA-1, an outdated hash function created by the US National Security Agency.

After the breach, LinkedIn said it had improved password-strengthening measures and enhanced the security of its infrastructure and data.

