Twitter's DNS hijacked
At 9:57 (PST) on Thursday, December 17, 2009, a self-proclaimed Iranian hacker group seized control of the authoritative DNS for Twitter.com and kept control for an hour. The hackers apparently had the correct username and password for Twitter's account on their DNS provider's system. The hackers redirected web requests for any hostname on twitter.com to a web site that claimed the site had been hacked by the "Iranian Cyber Army". Details about the hackers' site can be found here.
Internet Identity was able to track the hacked DNS in real time using tools it developed for an upcoming service offering. The hackers' site was actually hosted on four different IP addresses managed by three separate ISPs over the course of the attack. All three ISPs are located in North America. The hackers likely used multiple, rapidly changing IP addresses to avoid detection and make it harder to shut things down. Also, because they knew they would receive so much traffic redirected from Twitter, spreading it across several addresses kept individual servers from getting overloaded.
An overview of the attack can be found here.
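The kind of tracking described above can be sketched as a check of polled A records against a known-good baseline. This is an added example, not Internet Identity's tooling; the baseline range, the prefix-to-ISP map and the poll results are constructed (documentation addresses only), chosen to mirror the counts reported above.

```python
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed baseline: the range the monitored name normally resolves into.
BASELINE = [ip_network("192.0.2.0/25")]
# Constructed prefix-to-operator map, standing in for a whois/ASN lookup.
OWNERS = {
    ip_network("192.0.2.128/25"): "ISP-A",
    ip_network("198.51.100.0/24"): "ISP-B",
    ip_network("203.0.113.0/24"): "ISP-C",
}
# Constructed poll results (local time, A records returned).
OBSERVATIONS = [
    ("09:50", ["192.0.2.10", "192.0.2.11"]),
    ("09:57", ["198.51.100.7"]),
    ("10:10", ["198.51.100.7", "203.0.113.20"]),
    ("10:25", ["203.0.113.21"]),
    ("10:40", ["192.0.2.200"]),
    ("10:57", ["192.0.2.10", "192.0.2.11"]),
]

def in_baseline(ip):
    return any(ip_address(ip) in net for net in BASELINE)

def owner_of(ip):
    return next((n for net, n in OWNERS.items() if ip_address(ip) in net), "unknown")

def analyze(observations):
    """Summarise the window in which answers left the baseline."""
    report = {"start": None, "end": None, "rogue_ips": set(),
              "owners": set(), "rotations": 0, "minutes": None}
    previous = None
    for stamp, records in observations:
        rogue = {ip for ip in records if not in_baseline(ip)}
        if rogue:
            if report["start"] is None:
                report["start"] = stamp       # first answer outside the baseline
            elif rogue != previous:
                report["rotations"] += 1      # answer set changed mid-incident
            report["rogue_ips"] |= rogue
            report["owners"] |= {owner_of(ip) for ip in rogue}
            previous = rogue
        elif report["start"] and report["end"] is None:
            report["end"] = stamp             # first clean answer afterwards
    if report["start"] and report["end"]:
        fmt = "%H:%M"
        delta = datetime.strptime(report["end"], fmt) - datetime.strptime(report["start"], fmt)
        report["minutes"] = int(delta.total_seconds() // 60)
    return report

if __name__ == "__main__":
    print(analyze(OBSERVATIONS))
```

Alerting on the first answer outside the baseline gives the earliest signal; the rotation and operator counts show how many separate takedown requests the incident would need.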