Pro-Palestinian hacktivists hit security sites

Pro-Palestinian hacktivists have attacked the websites of two IT security firms and a mobile messaging service

Pro-Palestinian hacktivists affiliated with online collective Anonymous have attacked the websites of two IT security firms and a mobile messaging service.

The hacktivists seized control of domain name system (DNS) records and redirected traffic for websites belonging to AVG, Avira and WhatsApp to pro-Palestinian messages, according to The Guardian.

The group, calling itself Kdms, claimed responsibility for the attacks on Twitter.

The DNS poisoning was enabled by a hack of domain name registrar and website hosting company Network Solutions using a bogus password-reset request.

DNS records provide a routing lookup for the internet, and by assuming control of the DNS, hackers are able to redirect traffic to websites under their control.

DNS poisoning attacks have become increasingly popular as websites have improved security, forcing attackers to look for vulnerabilities in third-party suppliers to the target.

The New York Times and Twitter were hit by a DNS attack in August by another hacktivist group known as the Syrian Electronic Army.

The three websites have been recovered, but propagation of the corrected DNS routing across the internet could take days.

Commenting on the New York Times attack, Barry Shteiman, senior security strategist at Imperva, said the incident highlighted a prolonged security problem inherent in the way that companies rely on third-party public services to conduct their business.

“While a company like NYT may be able to secure their own platforms, harden their systems and regularly check for vulnerable components on premise, it is a much harder practice when some of that infrastructure is provided by a third-party like an ISP [internet service provider] or a DNS host,” he said.

According to Shteiman, CIOs need to realise that critical pieces of their online entities are controlled by suppliers and that security policies should apply to them as well.

“Companies should create contingency plans and check the security measurements taken by their third-party content and infrastructure providers. A DNS host is, unfortunately, a great example,” he said.
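
One way to watch for the kind of record change and slow recovery described above is to compare DNS answers gathered from several resolvers against a pinned baseline. The following is an added example, not from the article or any company named in it; the zone data, resolver labels, severity policy and function names are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed baseline: the delegation and addresses the zone owner expects.
BASELINE = {
    "NS": {"ns1.dns-host.example.", "ns2.dns-host.example."},
    "A": {"192.0.2.10", "192.0.2.11"},
}

@dataclass(frozen=True)
class Observation:
    resolver: str      # vantage point that returned the answer
    rtype: str         # "NS" or "A"
    values: frozenset  # record data in the answer
    ttl: int           # seconds the resolver may keep serving this answer

def normalise(rtype, value):
    """Lower-case; make NS host names fully qualified so equal names compare equal."""
    value = value.strip().lower()
    return value + "." if rtype == "NS" and not value.endswith(".") else value

def audit(baseline, observations):
    """Flag answers with records outside the baseline.

    Assumed policy: a changed delegation (NS) is rated above a changed address (A).
    """
    findings = []
    for obs in observations:
        expected = {normalise(obs.rtype, v) for v in baseline[obs.rtype]}
        unexpected = {normalise(obs.rtype, v) for v in obs.values} - expected
        if unexpected:
            findings.append({
                "resolver": obs.resolver, "rtype": obs.rtype, "ttl": obs.ttl,
                "unexpected": sorted(unexpected),
                "severity": "critical" if obs.rtype == "NS" else "high",
            })
    return findings

def max_stale_seconds(findings):
    """Longest time a TTL-honouring cache can keep serving a flagged answer."""
    return max((f["ttl"] for f in findings), default=0)

# Constructed answers from two vantage points; resolver-b still holds altered records.
SAMPLE = [
    Observation("resolver-a", "NS", frozenset({"NS1.dns-host.example", "ns2.dns-host.example."}), 3600),
    Observation("resolver-a", "A", frozenset({"192.0.2.10"}), 300),
    Observation("resolver-b", "NS", frozenset({"ns1.unknown-host.example."}), 172800),
    Observation("resolver-b", "A", frozenset({"203.0.113.66"}), 86400),
]

if __name__ == "__main__":
    found = audit(BASELINE, SAMPLE)
    print(found, max_stale_seconds(found))
```

In the constructed sample the altered NS answer carries a 172800-second TTL, so a cache that picked it up could keep serving it for two days after the registrar record is corrected.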


