We all remember that last month Twitter was hacked by a group of hackers who call themselves the “Iranian Cyber Army”.
The message read:
Iranian Cyber Army
THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY
iRANiAN.CYBER.ARMY@GMAIL.COM
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care.
Since then the Iranian Cyber Army has grown and is now emerging as a big group. We can only speculate about their power from the fact that they were able to hack China’s biggest search engine (it was no longer just a hack, it was a real-time war; continue reading to see why I call it a war).
Baidu is a Chinese search engine established in 2000. According to the Alexa traffic ranking, the website is currently number one in China and eighth in the world. What actually happened is that hackers hijacked the Baidu domain’s DNS records and pointed the domain to a server under their control.
After hacking Baidu they posted the following message.
The message reads:
“THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY.”
Additional text written in Persian translates as:
“The Iranian Cyber Army has been established in protest to foreign countries and Zionists interfering in the domestic affairs of our country and broadcasting false news.”
This is the biggest hack so far to become publicly known to millions and millions of people.
Baidu was inaccessible in all cities and provinces in China, as well as in other countries all over the world. Instead of seeing the usual Baidu search engine page, Internet users were utterly shocked to find a message saying “This site has been hacked by Iranian Cyber Army”, complete with an Iranian flag and a shattered Star of David. Below it, a sentence in Farsi read, “In reaction to the US authorities’ intervention in Iran’s internal affairs. This is a warning.”
According to security experts in China, Baidu’s DNS records appear to have been tampered with. The records were changed quite a number of times due to backdoors at Register.com (the company that hosts Baidu.com).
Here is exactly what happened. Timeline:
At 9 a.m., Baidu’s Name Server record was switched to YNS1.YAHOO.COM and YNS2.YAHOO.COM by hackers. Yahoo noticed that and set up a reverse proxy for Baidu.
At 10 a.m., Baidu’s Name Server was again modified to NS2303.HOSTGATOR.COM and NS2304.HOSTGATOR.COM, and pointed to 127.0.0.1, which caused Baidu.com and all its sub-domains to become completely inaccessible. The Baidu engineers, who were desperate to restore the site, and the Iranian Cyber Army were locked in a “tug-of-war”.
At 11 a.m., Baidu’s DNS was changed back to DNS010.D.REGISTER.COM, DNS050.C.REGISTER.COM, DNS190.B.REGISTER.COM, DNS204.A.REGISTER.COM.
At 12 p.m., the Chinese search engine juggernaut won the three-hour-long battle after changing the DNS records back to DNS.BAIDU.COM, NS2.BAIDU.COM, NS3.BAIDU.COM, NS4.BAIDU.COM.
It was a complete war-like situation between the hackers and Baidu, and we know who won.
But do you know why these guys attacked Twitter? Here is a possible answer from TechCrunch.com:
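The timeline above can be replayed through a simple delegation-drift check of the kind a DNS monitor would run. This is an added example, not code from any of the cited sources; it assumes the 12 p.m. name servers are the known-good baseline, and the function names and the observation list are constructed here from the names quoted in the timeline.

```python
import ipaddress

# Assumed baseline: the name servers the timeline says Baidu was restored to at 12 p.m.
BASELINE_NS = {"dns.baidu.com", "ns2.baidu.com", "ns3.baidu.com", "ns4.baidu.com"}

# Constructed observations built from the timeline; only the 10 a.m. entry has an
# A record (127.0.0.1) because that is the only address the page mentions.
TIMELINE = [
    ("09:00", ["YNS1.YAHOO.COM", "YNS2.YAHOO.COM"], []),
    ("10:00", ["NS2303.HOSTGATOR.COM", "NS2304.HOSTGATOR.COM"], ["127.0.0.1"]),
    ("11:00", ["DNS010.D.REGISTER.COM", "DNS050.C.REGISTER.COM",
               "DNS190.B.REGISTER.COM", "DNS204.A.REGISTER.COM"], []),
    ("12:00", ["DNS.BAIDU.COM", "NS2.BAIDU.COM", "NS3.BAIDU.COM", "NS4.BAIDU.COM"], []),
]

def normalize(name):
    """Lower-case and strip the trailing dot so comparisons are canonical."""
    return name.rstrip(".").lower()

def parent_domain(name):
    """Naive last-two-labels parent; sufficient for the .com names used here."""
    return ".".join(normalize(name).split(".")[-2:])

def check_delegation(ns_names, a_records, baseline=BASELINE_NS):
    """Return a list of findings for one observation of the zone's delegation."""
    observed = {normalize(n) for n in ns_names}
    findings = []
    added, missing = observed - baseline, baseline - observed
    if added:
        providers = sorted({parent_domain(n) for n in added})
        findings.append(f"unexpected NS under {', '.join(providers)}")
    if missing:
        findings.append(f"{len(missing)} baseline NS missing")
    for addr in a_records:
        ip = ipaddress.ip_address(addr)
        if ip.is_loopback or ip.is_private or ip.is_unspecified:
            findings.append(f"A record {addr} is not publicly routable")
    return findings

def audit(timeline=TIMELINE):
    """Map each timestamp to its findings; an empty list means it matches the baseline."""
    return {ts: check_delegation(ns, a) for ts, ns, a in timeline}

if __name__ == "__main__":
    for ts, findings in audit().items():
        print(ts, "OK" if not findings else "ALERT: " + "; ".join(findings))
```

Every state before 12 p.m. raises an alert, including the 11 a.m. return to the registrar's name servers, which is still a departure from the baseline.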
There is a history between Iran and Twitter. It was well noted and covered in the media that Twitter was used as a tool during the Iranian election protests. The US government actually intervened to assure that Twitter was available to the protestors in Tehran and around the country. This attack may be an act of reprisal from groups who were not happy with the role that Twitter played during the protests.
However, it is unclear why the same hackers decided to take down China’s Baidu. Some sources claim that it might be related to Iran’s nuclear ambitions. Meanwhile, the Chinese media reported that security experts could not figure out the main reason behind the DNS hijack.
Sources: TechCrunch, SoftPedia and TechXav












