/>
X
Innovation

Hackers had Melbourne IT reseller credentials to attack NYT, Twitter

No sophisticated attack was required to attack The New York Times and Twitter, as hackers already had valid credentials to allow them to change DNS entries.
Written by Michael Lee, Contributor on

A Melbourne IT reseller account is at the heart of the investigation into how hackers managed to commandeer the DNS records of The New York Times and Twitter.

Overnight, The New York Times and Twitter revealed that their DNS entries had been maliciously modified, with the Syrian Electronic Army taking credit for the attack. Melbourne IT has now confirmed that one of its customers was targeted by the hacking group, and has taken action to undo the damage created.

The hosting company told ZDNet that valid credentials were used to log in to one of its reseller accounts responsible for the affected domain names, including nytimes.com.

The credentials have been reset, affected records returned to their previous values, and the records themselves locked to prevent changes.

Melbourne IT said that registry lock features were not in use on all of the domains that the reseller was responsible for, including The New York Times. Those domains that did have the feature turned on were not affected.

At the moment, the company is reviewing its logs to determine whether it can uncover the identity of who used the credentials, and has stated that it will work with the reseller and relevant law enforcement organisations. It will also review its security circumstances to determine whether it can add any layers of security to its reseller accounts.

Editorial standards

Related

How much RAM does your Windows 11 PC need?
adobestock-339222220

How much RAM does your Windows 11 PC need?

What is ChatGPT and why does it matter? Here's what you need to know
chat bot

What is ChatGPT and why does it matter? Here's what you need to know

How to nail the 'Do you have any questions for me?' part of the interview
job interview

How to nail the 'Do you have any questions for me?' part of the interview