DNS hack hits multiple websites

A number of high profile websites have had access disrupted on Sunday evening by a DNS hack. The Register, The Daily Telegraph, UPS, BetFair and Acer are among those where access has been redirected to an attacker's home page; at the time of writing, users of Sky and Be Internet are reporting the diversion.

A number of high profile websites have had access disrupted on Sunday evening by a DNS hack. The Register, The Daily Telegraph, UPS, BetFair and Acer are among those where access has been redirected to an attacker's home page; at the time of writing, users of Sky and Be Internet are reporting the diversion.

According to Zone-H, an online archive and monitor of website defacements, around 186 sites worldwide appear to have been affected.

Turkhack

The diverted page says: "TurkGuvengligi "Gel Babana" HACKED "h4ck1n9 is not a cr1m3"

"4 Sept. We TurkGuvenligi declare this day as World Hackes Day - Have fun ;) h4ck y0"

The affected sites' name servers, which govern the Internet address that corresponds to a site's name, have been changed to ns1.yumurtakabugu.com and ns2.yumurtakabugu.com.

The Register tweeted "A DNS hijack, we think [...]. We have shut down access / services as a precaution."

Because of the way DNS works, these changes are currently propagating throughout the global DNS system, and those attempting to access the original sites may find disruption for between three and 24 hours. Different ISPs will vary in if and when they accept the fakes and the consequent valid updates.

Those who are registered with the sites and normally expect to be automatically logged in should clear browser cookies before attempting to access them, as there is a risk that authentication information sent from the browser may be intercepted. Email to the sites may also be disrupted or intercepted.

[UPDATE] Some three hours after the first reports of the hack, both the Daily Telegraph and the Register have had their proper name server entries restored, but as noted above it will take some time for the proper information to replace the diversions across the global DNS.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All