Hackers Hijack DNS, Take Twitter Offline
Article by George Norman
On 18 Dec 2009
For about half an hour today, popular micro-blogging site Twitter was taken offline by a group of hackers calling themselves the Iranian Cyber Army. Visitors to Twitter were redirected to a webpage that presented a green flag and the following message: This site has been hacked by Iranian Cyber Army. It would seem the hackers managed to change Twitter’s DNS (Domain Name System) records, thus redirecting traffic way from the micro-blogging site.

“Twitter's DNS records were temporarily compromised tonight but have now been fixed. As some noticed, Twitter.com was redirected for a while but API and platform applications were working. We will update with more information and details once we've investigated more fully,” commented Twitter founder Biz Stone.


The compromised DNS records have been fixed and Twitter service is now back to normal.

If DNS hijacking is the reason why users could not access Twitter, then it means the micro-blogging site’s servers may no have been breached by the Iranian Cyber Army, say Graham Cluley, Senior Technology with Sophos, company that specializes in providing antivirus, anti-spam, spyware removal software, network and internet security, data protection, and computer security solutions.

“DNS records work like a telephone book, converting human-readable website names like twitter.com into a sequence on numbers understandable by the internet. What seems to have happened is that someone changed the look-up, so when you entered twitter.com into your browser you were instead taken to a website that wasn't under Twitter's control,” explained Cluley.

Cluley then poses a legitimate question: “how did the hackers manage to change the DNS records for twitter.com?” One theory put forth by the security consultant is that the hackers somehow managed to guess the password and then logged in as Twitter’s DNS records administrators.

It should be mentioned that just because an image says Twitter was hacked by the Iranian Cyber Army, it doesn’t necessarily mean the hackers are connected with Iran. There was no evidence that hackers from Iran are responsible for this incident.

Update 12.21.2009 Biz Stone provided the following comment
: "DNS settings for the Twitter web site were hijacked. From 9:46pm to 11pm PST, approximately 80% of Traffic to Twitter.com was redirected to other web sites. During the attack, we were in direct contact with our DNS provider, Dynect. We worked closely to reset our DNS as quickly as possible. The motive for this attack appears to have been focused on defacing our site, not aimed at users—we don't believe any accounts were compromised. If you're concerned that your account could have been affected in some way, feel free to contact us, accountsafe [at] twitter.com."

Tags: Twitter, Hackers, DNS
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Hackers Hijack DNS, Take Twitter Offline
HTML Linking Code