Twitter hack group hits Baidu.com
Chinese search engine giant in DNS hijack drama
The same group that used a DNS attack to hijack Twitter last month has defaced the home page of Chinese search engine Baidu.
Surfers visiting Baidu site on Monday night were confronted by the message "This site has been hacked by Iranian Cyber Army", together with an image of the Iranian flag. Early speculation suggests the attack involved changing Baidu's DNS records rather than a direct attack on the site itself, but this remains unconfirmed.
The attack might have been used to point the millions of Chinese users who use Baidu every day towards a site that took advantage of browser exploits to infect computer users with malware. So it's perhaps fortunate that the Baidu hack involved only political graffiti.
By Tuesday morning, Baidu's site had been cleaned up. Screenshots of the hack can be found in a blog entry with further commentary on the attack by Sophos here. ®