Hackers take down Melbourne IT site, following Twitter, New York Times attack

Summary:The hackers who commandeered Melbourne IT reseller credentials to change Twitter and The New York Times' DNS records, also took down the blog of the hosting company.

(Screenshot: ZDNet)

The Syrian Electronic Army, credited with attacking Twitter and The New York Times on Tuesday, has hacked and defaced the blog of a Melbourne, Australia-based hosting company at the heart of the incidents.

Both companies suffered downtime on Tuesday afternoon after suffering an issue with its DNS provider, which led to the modification of DNS records for both the microblogging site and the New York-based newspaper giant. 

Twitter said, "no user information was affected by this incident," while the Times confirmed that it suffered an outage "following an attack on the company’s domain name registrar, Melbourne IT."

Speaking to ZDNet, the hosting company confirmed that the thought-to-be sophisticated attack turned out to be relatively simple. Melbourne IT confirmed that valid reseller credentials were used to log in and change records associated with the domain names nytimes.com and twitter.com.

According to ZDNet's Michael Lee , the credentials were reset and affected records returned to their previous values. Affected records, which did not have a "lock" feature enabled at the time, have now been locked to prevent any further changes.

But now Melbourne IT has suffered an additional breach, specifically targeting the hosting company's blog.

In a tweet sent out at 9:09 a.m. ET on Wednesday, an account linked to the Syrian Electronic Army said: 

It's understood that the Syrian Electronic Army were able to exploit a weakness in an older version of WordPress version running on the site. 

The company's main site, however, remains up and working.

We attempted to contact Melbourne IT by phone, but the company did not respond outside Australian business hours.

Topics: Security


Zack Whittaker is a writer-editor for ZDNet, and sister sites CNET and CBS News. He is based in the New York newsroom. His PGP key is: EB6CEEA5.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.