We have recently seen many instances where hackers were successfully able to redirect users visiting popular sites to other pages. Syrian Electronic Army has deployed this tactic towards New York Times in recent days. On Wednesday, a hacker was able to redirect the site of a Syrian telecom provider to that of AT&T and then T-Mobile.
The hacker apparently didn’t mean any serious business and pulled off this stunt as more of a prank. He was successfully able to redirect any such users who tried to visit the official site of Syrian Telecommunications Establishment (STE) to the sites of AT&T and T-Mobile.
Redirecting sites in this way involved modifying their DNS record. DNS records essentially translate a given domain name into the exact IP address where it is hosted. If the corresponding IP address is changed, the same site starts mapping to a different page.
In this recent hack, security researchers have speculated that the domain registrar of STE offered poor security. The server which was being used by STE was also used many other web-based services. And it was probably through these web services that the hacker was able to gain access to this server.
The cyber attack on New York Times was of a similar nature when hackers were able to access the domain registrar of NYT, namely Melbourne IT. Once they had access to Melbourne IT servers, they were able to modify the DNS details of NYT, as hosted with the registrar and thus, make the site unavailable for long hours.
Courtesy: PC Mag