.jpg)
One of the World's most used messaging app - WhatsApp was hijacked by some group of Palestinian hackers called THE KDMS TEAM.According to CNET The Web site of WhatsApp, a widely used messaging app, was hijacked Tuesday showing a pro-Palestinian message at 2:40 a.m. PT Tuesday and was given the title "You Got Pwned" by a group called KDMS Team claimed credit for the attack.
"Our Web site was hijacked for a small period of time, during which attackers redirected our Web site to another IP address, we can confirm that no user data was lost or compromised. We are committed to user security and are working with our domain hosting vendor Network Solutions on further investigation of this incident," a company spokesperson said.
The WhatsApp home page has since been returned to normal, but during the attack, it was noted that the Domain Name Service records for the WhatsApp site had been changed. This would suggest that the attackers had not actually cracked into WhatsApp, but had instead used DNS spoofing to hijack the web site's address. Later today, WhatsApp did confirm this was the method of attack used.
According to the Whois database, which can be used to see what numeric Internet Protocol (IP) address is assigned to a given Internet domain, the whatsapp.com IP address record was changed on Tuesday. Such a change, made through the Internet's Domain Name Service (DNS) system, is one way that users who typed in the whatsapp.com name would be redirected to a different Web site...
DNS spoofing is an increasingly popular way for malicious hackers to effectively obtain access to a web site. The vulnerability of DNS servers is a pressing problem for the unhindered flow of information and commerce on the Web. All the website security in the world won't make a bit of difference if a domain name is stolen right out from under a company's nose.
Registrars will need to step up their security game to block direct-access address hacks, and customers will have to watch their own step so that an identity thief doesn't make a domain change on their behalf.
No comments:
Post a Comment