WikiLeaks’ whistleblowing website suffered an attack from the group known as OurMine on Thursday, when Julian Assange’s data-leaking site found itself on the receiving end of a ‘hack’.
The incident took the form of a defacement of WikiLeaks.org and meant that visitors to the site were redirected (using a technique known as DNS poisoning) to a page created by OurMine with a messages that said: “Hi, it’s OurMine (Security Group), don’t worry we are just testing your…. blablablab, oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?”
The group, who have been in the spotlight recently, said they were responding to a challenge from WikiLeaks asking them to attempt to hack them.
For a short-lived period on Thursday morning, they attacked the DNS servers, so that browsers showed the WikiLeaks homepage as controlled by OurMine.
Not content with directing their message to WikiLeaks, they also addressed the hacktivist group, Anonymous: “Anonymous, remember when you tried to dox us with fake information for attacking wikileaks [sic]?” the message stated. “There we go! One group beat you all! #WikileaksHack lets get it trending on twitter [sic]!”
Despite the defacement action it remains unlikely that the WikiLeaks severs were compromised by OurMine.
As of yet there is no evidence that the group stole any important personal data or caused any lasting damage – apart from the embarrassment of the companies impacted.
The high-profile attacks have raised considerable attention for the group though and have followed a template of using previously used passwords that came to light following data breaches.
This is usually followed with what appears to be a sales pitch pointing out that the security of the site that they took control of is subpar and to contact them if they want to upgrade.
WikiLeaks have not released any official statement regarding the incident with OurMine.
Author Shane Curtis, ESET
via WeLiveSecurity http://ift.tt/2o9cyXf September 1, 2017 at 08:43AM