Twitter.com DNS hijacked?
Internet, posted: 18-Dec-2009 19:50
Twitter.com seems to be hijacked at the moment:
;; QUESTION SECTION:
;twitter.com. IN A
;; ANSWER SECTION:
twitter.com. 1901 IN A 74.217.128.160
;;; QUESTION SECTION:
;160.128.217.74.in-addr.arpa. IN PTR
;; ANSWER SECTION:
160.128.217.74.in-addr.arpa. 3600 IN PTR w-160.netfirms.com.
Was wondering why this popped up instead of the Twitter site before:
My good friend Dylan Reeve tells me that the "Iranian Cyber Army" may be behind the DNS hijack but I don't get that page at the moment, only a PNAP hosted one when I try to load twitter.com.
Update I Fat-fingered a PTR DNS query, and wrongly ended up at www.perfectworld.com - fixed.
Update II Biz Stone at Twitter confirms that it was a DNS hijack. He doesn't believe any accounts were compromised.
Other related posts:
Two-factor authentication broken
The problem with naming and shaming
Hitler finds out that Google Reader is being shut down
;; QUESTION SECTION:
;twitter.com. IN A
;; ANSWER SECTION:
twitter.com. 1901 IN A 74.217.128.160
;;; QUESTION SECTION:
;160.128.217.74.in-addr.arpa. IN PTR
;; ANSWER SECTION:
160.128.217.74.in-addr.arpa. 3600 IN PTR w-160.netfirms.com.
Was wondering why this popped up instead of the Twitter site before:
My good friend Dylan Reeve tells me that the "Iranian Cyber Army" may be behind the DNS hijack but I don't get that page at the moment, only a PNAP hosted one when I try to load twitter.com.
Update I Fat-fingered a PTR DNS query, and wrongly ended up at www.perfectworld.com - fixed.
Update II Biz Stone at Twitter confirms that it was a DNS hijack. He doesn't believe any accounts were compromised.
Tag(s):
Other related posts:
Two-factor authentication broken
The problem with naming and shaming
Hitler finds out that Google Reader is being shut down
comments powered by Disqus
