Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Chinese surf engine brought down by Hackers

Sophos : 13 January, 2010  (Technical Article)
The same hackers that attacked Twitter in December have succeeded in defacing Baidu.com, China's primary search engine that exceeds Google's popularity in the country
IT security and data protection firm, Sophos, has reminded website owners to properly secure their systems following the overnight attack against Baidu.com, China's number one website. The hackers displayed a message from the 'Iranian Cyber Army' on the search engine giant's home page.

Earlier today, visitors to Baidu.com's site were greeted with the message - 'This site has been hacked by Iranian Cyber Army' - alongside a picture of the national flag of Iran. The attack appears to be by the same group who posted similar messages on Twitter's website in December, inconveniencing millions of micro-bloggers.

'In China, Baidu outranks Google as the search engine of choice, receiving many millions of visits every day. That makes it an extremely attractive target for cybercriminals. Anyone who manages to breach its security has the potential to make a big impact,' said Graham Cluley, senior technology consultant at Sophos. 'Chinese surfers should be breathing a great sigh of relief that the hackers didn't exploit this opportunity to infect computers, and instead engaged in what appears to be political graffiti. Questions will be asked, however, as to how this high profile hack was possible.'

Speculation is mounting that Baidu's web servers weren't actually hacked themselves, but instead its DNS records were compromised. This was how Twitter was struck by the Iranian Cyber Army last month.

'DNS records work like a telephone book, converting human-readable website names like baidu.com into a sequence of numbers understandable by the internet,' explained Cluley. 'It's possible that someone changed the lookup, meaning whenever surfers entered baidu.com into their browsers they were instead taken to a website that wasn't under the search engine's control. If that third party website had contained malware then millions of computers could have been infected and identities stolen. Attacks like this are a reminder to everyone that you always need to have security scanning every webpage you visit, even if it's a well-known legitimate website.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo