Twitter Hacked and Defaced by iranian Cyber Army

This is not so secure World Wide Web, as the news buzzing the blogosphere and twitter is about twitter being hacked or defaced by group of people known to be coming from Iran.
Few hours ago Twitter looked like this ,

Iranian Cyber Army

This site has been hacked by Iranian Cyber Army

iranian.cyber.army@gmail.com

U.S.A. Think They Controlling And Managing Internet By Their Access, But They Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To ………….

NOW WHICH COUNTRY IS EMBARGO LIST? IRAN?USA?

WE PUSH THEM IN EMBARGO LIST

Take Care.

Now, that makes me laugh the message at the end ” Take care ” . Anywatys various blogs including businessinsider and techcrunch confirmed this event .
This can generally be due to a DNS cache poisoning attack as being said by some uber geek’s out there , One of the guys posted a traceroute done on twitter and it clearly shows that twitter.com was being redirected to some anonymously hosted page via the Tor network .
Here’s a detailed Traceroute while twitter was defaced,

$ tracepath www.twitter.com
1: local-khan.local (192.168.0.100) 0.251ms pmtu 1500
1: 192.168.0.1 (192.168.0.1) 0.897ms
1: 192.168.0.1 (192.168.0.1) 0.479ms
2: 10.244.144.1 (10.244.144.1) 8.335ms
3: ip68-0-128-113.tc.ph.cox.net (68.0.128.113) 8.431ms
4: 70.169.76.229 (70.169.76.229) 24.198ms asymm 6
5: langbbr01-ae0.r2.la.cox.net (68.1.0.232) 35.657ms asymm 8
6: cr2-cr1.lax009.internap.net (66.79.146.206) 36.178ms asymm 10
7: lax009-phx007-832-cr1.phx007.internap.net (66.79.147.182) 40.415ms asymm 8
8: cr2-cr1.phx007.internap.net (66.79.147.174) 46.740ms asymm 9
9: dal005-phx007-833-cr1.dal005.internap.net (66.79.147.177) 54.298ms asymm 7
10: dal005-tor003-1160-cr1.tor003.pnap.internap.net (66.79.147.230) 86.102ms asymm 7
11: tor001-tor003-769-core1.tor001.internap.net (66.79.153.34) 98.458ms asymm 9
12: border1.te9-1-bbnet2.tor001.pnap.net (70.42.24.196) 94.665ms asymm 9
13: netfirms-1.border1.tor001.pnap.net (70.42.26.54) 104.351ms asymm 10

Although twitter was defaced but it was not twitter’s fault or some security lapse in twitter , rather it was due tot eh insecure DNS sytem that is being used nowdays and is soon to be fixed up globally via the DNSSES (http://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions ) . Hope all the DNS servers and clients in the world start following this DNSSEC protocol , otherwise we may soon find every other website to be defaced .
Btw I dont tweet that much , but this twitter breakdown, was a Big news and I decided to write something about it .

Tags: asymm, cyber army, Dns Attack, Don, gmail, IRAN, iran usa, Iranian Cyber Army, tor, Twitter, Twitter breakdown, Twitter Defaced, U.S.A., USA

This entry was posted on Friday, December 18th, 2009 at 1:01 am and is filed under Security, Web Apps. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.