Juha Saarinen




Twitter.com DNS hijacked?

, posted: 18-Dec-2009 19:50

Twitter.com seems to be hijacked at the moment:

;; QUESTION SECTION:

;twitter.com. IN A

;; ANSWER SECTION:

twitter.com. 1901 IN A 74.217.128.160

;;; QUESTION SECTION:

;160.128.217.74.in-addr.arpa. IN PTR

;; ANSWER SECTION:

160.128.217.74.in-addr.arpa. 3600 IN PTR w-160.netfirms.com.

Was wondering why this popped up instead of the Twitter site before:

twitter

My good friend Dylan Reeve tells me that the "Iranian Cyber Army" may be behind the DNS hijack but I don't get that page at the moment, only a PNAP hosted one when I try to load twitter.com.

Update I Fat-fingered a PTR DNS query, and wrongly ended up at www.perfectworld.com - fixed.

Update II Biz Stone at Twitter confirms that it was a DNS hijack. He doesn't believe any accounts were compromised.


Tag(s):       


Other related posts:
This is how ridiculous the whole Intellectual Property Rights situation is
What SOPA means for business and innovation
Fritz!Box in the house


 

Permalink to Twitter.com DNS hijacked? | Add a comment (6 comments) | Main Index



Comment by bvidulich, on 18-Dec-2009 20:53

Good thing you posted that, because I was starting to wonder if my internet had something wrong with it.

I do wonder how it is that Twitter has such poor system performance & poor security that it can be hijacked so easily. The website also seems to say that it is overloaded (Twitter error) a lot. I would have thought that being such a popular website that they would have better infrastructure to support all the users, especially during peak periods and have adequate security so that service remains available to all users.

Comment by freitasm, on 18-Dec-2009 21:43

It wasn't Twitter - it was its DNS records, which are probably maintained by a hosting company, or these folks used a DNS injection. Nothing on their server...

Comment by Super Sonic Undies, on 18-Dec-2009 22:48

Well the site was hacked by (not kidding) the Iranian Cyber Army with threats against the US. I should have taken a screenie but thought it would be all over the web. Was down for about 45 minutes or so.

Comment by Super Sonic Undies, on 18-Dec-2009 22:48

Well the site was hacked by (not kidding) the Iranian Cyber Army with threats against the US. I should have taken a screenie but thought it would be all over the web. Was down for about 45 minutes or so.

Comment by John Jr, on 20-Dec-2009 12:59

It reminds me Malaysiangp hijacked by Brainwash

Comment by Rory, on 23-Feb-2010 03:24

Wow...I hope this one will serve as a warning to the public that sharing too much info. online is not a safe pratice!

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Your name:

Your e-mail:

Your webpage:



Writing


Google News search

Wired

Guardian

IT News

PC World New Zealand

Computerworld NZ

PC World and Computerworld Australia

PC World US

Computerworld US

NZ Herald

Virus Bulletin

Content copyright © Juha Saarinen. If you wish to use the content of my blog on your site, please contact me for details. I'm usually happy to share my material as long as it's not for spamblogs and content farms. Please attribute with a link back to this blog. If you wish to advertise on my blog, please drop me an email to discuss the details.

Comments policy
All comments posted on this blog are the copyright and responsibility of the submitters in question. Comments commercial and promotional in nature are not allowed. Please ensure that your comments are on topic and refrain from making personal remarks.









This blog is hosted by Geekzone. Report this post. Contents are property and copyright of the author, or licensed. Geekzone®