In association with heise online

18 December 2009, 12:20

Cracking attack on Twitter

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Instead of tweets, users accessing the home page of the Twitter micro-blogging service on Friday morning were presented with an "Iranian Cyber Army" page. The actual originator of the attack, however, remains unknown.

According to a post on the Twitter blog, the crackers manipulated DNS entries in such a way that users trying to access reached a server controlled by the crackers instead of the Twitter pages. Reportedly, Twitter's own servers were not attacked. The DNS entries have since been corrected, and is accessible again. Users running third-party desktop or mobile clients which use the Twitter API didn't encounter the problem.

Twitter doesn't mention how the crackers carried out the DNS manipulation. It could be that a Twitter admin fell victim to a phishing attack and disclosed the access credentials for configuring the DNS data at the registrar. In the past week, several security firms registered an increased number of such attacks on administrators. A similar wave of phishing attacks to obtain registrar access data occurred last year. At the time, ICANN responded by issuing a warning.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit