ID: IRCNE2011091236
Date: 2011-09-03
According to “CNET”, the Sri Lankan branch of Anonymous claims to have hacked into the DNS servers of Symantec, Apple, Facebook, Microsoft, and several other large organizations over the past few days.
Posting the news and records of its exploits on Pastebin, the group is taking credit for launching "DNS Cache Snoop Poisoning" attacks against its victims.
DNS cache snooping is the process whereby hackers can query a DNS server to find out which domain names are being resolved into IP addresses.
DNS cache poisoning is a method through which hackers are able to insert malicious and fake records into the cache of DNS servers. As a result, the hackers can then spoof a response to a DNS query, forcing users to go to a phony Web site instead of the real one.
Since DNS, or domain name system, servers maintain the records that assign domain names to IP addresses, attacks against them are especially alarming since they can compromise part of the very foundation of the Internet.
The information posted on Pastebin by Anonymous Sri Lanka shows that the group was able to scan and in some cases expose the DNS information of the companies it targeted, according to Cyber War News. But there's no indication that the hackers were able to modify any of the DNS records that they touched.
In the record of its DNS attack against Symantec, Anonymous Sri Lanka boasts that it breached the "world's second-largest software (antivirus) leader/giant" and says that it captured almost the entire DNS pool, including the company's corporate customers, production servers, and testbeds. The group touted the same DNS Cache Snoop Poisoning attacks against Facebook, Skype, Apple, Cisco, Microsoft, and Novell.
Beyond its attacks against several major tech companies, Anonymous Sri Lanka has also claimed DNS hacks against several groups and agencies in Sri Lanka, including the nation's Parliament, military, and largest telecom provider.
- 3