Feeds

back to article Web.com DNS hijack: How hacktivists went on a mass web joyride spree

Web.com has promised to beef up its security and hire more staff after hacktivists hijacked its DNS records and diverted visitors away from various websites. The websites for freebie antivirus firms AVG and Avira, computer security toolkit Metasploit, and mobile messaging outfit WhatsApp were all successfully targeted by a pro- …

COMMENTS

This topic is closed for new posts.
Bronze badge

Well, that's such a good idea

I know that if _I_ had my time wasted by idiots trying to get across a political point by hijacking my web connections, _I_ would definitely be prone to taking their side.

Or maybe not.

Y'all sure that those 'Palestinians' aren't really being run from Tel Aviv?

0
5
Anonymous Coward

Re: Well, that's such a good idea

>>Y'all sure that those 'Palestinians' aren't really being run from Tel Aviv?

More like Glilot. Unit 8200, basically the Israeli NSA, is not located in Tel Aviv.

But I kind of doubt it. Israelis would be hijjacking the computers for botnets, not just modifying DNS records to redirect users toward whatever. The Iranians also tend to try to build botnets from what's been observed so far. But with no malware being dropped, it was either a target of opportunity or a PR stunt.

2
0
Bronze badge

Re: Well, that's such a good idea

You mean that the 'Palestinians' really are that eff'n STUPID!?

Bloody hell. That's umpty-ump _thousand_ potential supporters that they just pissed off... Idiots.

0
1
Silver badge

In another area of life

If my bank received a fax , with my name at the bottom, asking to transfer a large amount of money to a certain Nigerian bank account, I wonder what they'd do.

7
0
Bronze badge

Re: In another area of life

If my bank received a fax , with my name at the bottom, asking to transfer a large amount of money to a certain Nigerian bank account, I wonder what they'd do.

That might depend on whether or not the fax contained your signature. A signed order most likely would be honored, as it isn't that much different from a check (cheque for those on the east side of the pond).

0
2
Bronze badge
Facepalm

Re: In another area of life

I hope you aren't serious!

Obviously a faxed signature could easily be copied/pasted!

1
0
Bronze badge

Re: In another area of life

If the proper forms were filled out and signed, yep it could happen. Of course some banks would require you to fax over photo ID. But it's not like ID could be faked or impossible to read via fax. So nothing to worry about.

1
0
Bronze badge
Stop

Re: In another area of life

Eeeeeeeeeeeek!

0
0
Silver badge

Re: In another area of life

Nothing, unless you'd previously told them that it was okay for them to receive orders by fax.

0
0
Bronze badge

Re: In another area of life

Don't know about your bank, but Network Solutions would most certainly invest.

0
0
FAIL

Re: In another area of life

>If my bank received a fax , with my name at the bottom...

Speaking from personal experience, don't be surprised if they do. Thankfully I did get it back, not least (and perhaps luckily) as it could easily be seen that I couldn't be at a cash machine in one country while simultaneously sending a fax from another.

0
0
Silver badge

Re: In another area of life

Money transfers are not quite that simple even between banks in cooperating western nations. Every time I've been involved in a funds transfer the sender has had to appear in person to make the request.

However, these were all personal account transactions, and businesses obviously cannot work that way.

Under New York/Federal Statutes, the transaction described is clearly a fraud and the individual who presumably did not sign the transfer instrument would not be liable for the funds in most cases (some exceptions mostly having to do with unregulated accounts or very large sums of money exist that would complicate the outcome).

If you would like to test the law in your jurisdiction, simply have someone else send a fax requesting funds be transferred from your account to:

Stevie Nest Egg Account

Alpenschtock Fiscal Reserve (Routing Code 84115)

Hoordinon D.Q.T.

Zurich, Switzerland

Should the funds arrive I will confirm the success of the experiment and immediately return the money. I cannot, of course, stand as guarantor for misdirected funds lost in transit.

0
0
Anonymous Coward

Interesting. The only traffic I ever saw from a web.com IP was spam.

0
0

This post has been deleted by its author

Why does anyone even use NetSol at this point?

I don't get why anyone even trusts them to fix their internal processes. Network Solutions has known about this method of hijacking domains for over a decade and has still done nothing about it other than to argue in court that it's not their problem and they have no responsibility to fix it when it does happen.

0
0

Wait, what?

People still use Network Solutions as their domain registrar?

0
0
Anonymous Coward

Fit for the clueless

The clueless want less protection of communications.

0
0
Bronze badge
Facepalm

Head... meet desk

THUD!

THUD!

THUD!

THUD!

0
0

Bloody NetSol

Nice to know that they havn't updated the change DNS process there in over 12 years.

If i remember correctly to change the DNS password all i had to do was:

Fax request to change password on company letter headed paper, any company would do.

Fax photo id with same name on it as the registered domain owner, if the domain was registered to a company any ID would do.

0
0
Meh

No compromise?

Our website was hijacked for a small period of time, during which attackers redirected our website to another IP address. We can confirm that no user data was lost or compromised.

If the fake website managed to catch any username/password data, then those accounts are compromised and the owners of the real website would not know, so they cannot confirm any such thing.

Did I miss something?

0
0
Anonymous Coward

Typical advertising blunder...

"KDMS boasted that its tactics allowed it to get their political message to 850,000 surfers."

So, another group that subscribes to the 'any publicity is good publicity' school of thought.

However, here in the real world, that's 850,000 more people that they've annoyed or frustrated - and who probably think they can stick their political message where the sun doesn't shine.

1
0
Silver badge

Bah!

Oh, it's all fun and games until you hack the wrong website and end up with a drone-fired missile coming through the living room window.

0
0

There must have been something else going on here

There must have been something else going on here. To have had so many high traffic sites successfully socially engineered at about the same time by (presumably) the same group just doesn't pass my smell test. The addendum regarding 'just the (no) fax ma'am' further muddies the water.

I had to deal with Register.com about a decade ago to access a client's lost DNS account password. All it took was a phone call from Canada to the US, which hardly filled me with confidence. Meamwhile the newly assigned password didn't work, however simply hitting the enter key when prompted for the password did the trick. NetSol or NSA, they sure have strange ideas about security.

0
0
This topic is closed for new posts.