Hacker group “KDMS Team,” who managed to hack Whatsapp, Avira, AVG and various famous website through DNS poisoning, also managed to hack “Metasploit” website (http://www.metasploit.com/)by just sending a FAX to it’s domain registrar (register.com.)
KDMS Team is a Pro-Palestinian Hackers group, they work with the aim of familiarising the “whole world with our unlawfully murdered Palestine.”.
Hackers group sent a FAX to Regsiter.com, who manages Metaspolit’s website DNS, According to HD Moore, chief research officer at security company Rapid7 and driving force behind Metasploit, the website was “hijacked through a spoofed change request FAXED to Register.com. Hacking like its 1964.”
http://t.co/y5VwTXFR3T was hijacked through a spoofed change request FAXED to http://t.co/thf6vZnvuX. Hacking like its 1964
— HD Moore (@hdmoore) October 11, 2013
Rapid7 is a leading Security Company and Creator of world’s best penetration testing software called ‘Metasploit.’
Hackers posted a message on the website:
After Whatsapp , Avira, Alexa , AVG and other sites. We were thinking about quitting hacking and disappear again! But we said: there is some sites must be hacked. You are one of our targets. Therefore we are here. And there is another thing do you know Palestine?" Read more: http://thehackernews.com/2013/10/metasploit-website-hacked-using-dns.html#ixzz2hRM8ESfi Follow us: @TheHackersNews on Twitter | TheHackerNews on Facebook |
Moore also confirming people, how their website got hijacked:
@SuriyaMe they temporarily hijacked our domains by sending a spoofed DNS change request via Fax to http://t.co/W5BBC7jhvy
— HD Moore (@hdmoore) October 11, 2013
Let’s read the official statement released by Rapid 7 on the “Fax attack”:
“This morning the DNS settings for Rapid7.com and Metasploit.com were changed by a malicious third-party. We have taken action to address the issue and both sites are now locked down. We are currently investigating the situation, but it looks like the domain was hijacked via a spoofed change request faxed to Register.com. We apologize for the service disruption, and do not anticipate any further implications for our users and customers at this time. We will keep everyone posted as we learn more, and let the community know if any action is needed.” |
Well the hack shows a serious issue at Register.com, hope they will patch it soon. Rightnow, the website has been recovered and working fine, it looks like-genuine DNS settings have been taken effect ;-).