BullGuard

Security vendors websites compromised by hackers

Posted by stevebell28@rocketmail.com | October 9, 2013

Anonimous (1)

 

Hijacking hackers re-route traffic for antivirus software and Internet security websites to a pro-Palestinian political website that belts out a particularly fervent rendition of the Palestinian national anthem.

 

Avira, a well known antivirus vendor and also AVG, another software security company, had their websites defaced.  At the time of writing anybody attempting to visit the Avira page would be presented with a screen espousing the cause of Palestinians and also a patriotically fervent rendition of the Palestinian national anthem.

 

 

 

The hackers, calling themselves the KDMS team, posted a message that essentially said Palestinian land has been stolen by Zionists, prisoners should be freed from Israeli jails and the Palestinians want to live in peace, complete with maps showing how much Palestinian land has disappeared from 1946 to 2000.  

 

They also delivered a second message: ‘There is no full security, we can catch you,’ but with respect to the web site defacements it’s not strictly true. The attacks seem to have been based on something called a Domain Name System (DNS) hijack. Essentially, malware is directed at a server, it overrides the server’s traffic control and redirects the Internet traffic to another server.

 

It appears this is what happened rather than the company networks being penetrated and the web sites actually being hacked. But nevertheless it’s still embarrassing.  AVG seem to have got on to it quickly with the DNS hijack being relatively short lived and the website available soon afterwards. Avira on the other hand was still broadcasting the stirring national anthem, several hours after the DNS hijack was noticed.

 

The KDMS Team also claimed to have hacked LeaseWeb, a web hosting company, over the weekend and several other sites including, the hugely popular messaging service WhatsApp and Alexa a company that provides analytics for web sites and other information.

 

It’s interesting to note however, that some of the compromised web sites share a common domain registrar, Network Solutions, which suggests that the hackers may have compromised this network, rather than individual company servers. The KDMS Team was claiming the ‘scalps’ on its Facebook page until the page was removed.

 

Many hackers love a cause and earlier this year hundreds of Israeli web sites came under attack from pro-Palestinian hackers. Dozens of government and private websites were disrupted. The hackers said their rather ambitious aim was to erase Israel from cyber space. According to a security consultant who helped the Israel government track the attacks, about 1,500 hackers were involved from locations such as the Gaza Strip, North Africa and Indonesia. 


Comments





bottom roundness