Craigslist pushes punters to YouTube, hacker site

FLUSH US OUT of your system, says flesh and furniture site

Craigslist is asking users to flush their DNS after one or more pranksters twice changed the DNS records of the popular flesh and furniture classifieds site so it redirects users to a website and video.

The attack, launched on 23 November, saw some users to some pages redirected to a site previously used in 2008 to sell stolen celebrity photos and a YouTube music video both run and created by former hacker Bryce Case Jnr.

Bryce said he did not know who was behind the attack.

Craigslist chief executive Jim Buckmaster said the hack was fixed on Sunday evening.

Buckmaster wrote that "... the Craigslist domain name service records maintained at one of our domain registrars were compromised, diverting users to various non-Craigslist sites," in a notice.

"This issue has been corrected at the source, but many internet service providers cached the false DNS information for several hours, and some may still have incorrect information.

"If you are unable to reach the Craigslist site, please ask your network provider or tech staff to flush all .Craigslist.org and .Craigslist.com entries (A,CNAME,SOA) from their DNS servers."

Case's YouTube video has accrued nearly 200,000 additional hits since the DNS redirection occurred. ®


Biting the hand that feeds IT © 1998–2017