Palestinian Group Launches Massive DNS Hijacking to Hack AVG Website and Others

October 9, 2013

Hackers are always on the prowl for vulnerable websites, and it is like discovering gold when they are able to attack a security company's site as a Palestinian hacker group has just done with the AVG website.

AVG is an Internet security firm that has long provided applications and solutions to computer security-related issues. Hackers are well aware of the top security dogs of the computer and Internet works and are not afraid to deface them at any chance they get. A Palestinian hacker group known as KDSM Team has come along to deface the AVG website in what appeared to be a case of DNS hijacking as shown in figure 1 below. Such a type of attack on a website is known all-to-well to us and many other security firms where the hackers are able to impact specific domains registered through a particular registrar.

Figure 1. AVG Website hacked by KDMS Team Palestinian hackers – Source: grahamcluley.com

DNS hijacking has long been a means for hackers to deface or take claim of a website, even ones belonging to governments, large businesses and even in some rare cases banking institutions. From the information gathered in the recent AVG website hacking, it is apparent that the KDSM Team has taken claim to defacing AVG's website as a major accomplishment and a potential last hurrah for the group.

The Palestinian KDSM Team group of hackers posted a message on the AVG site upon hacking it claiming 'we will quit hacking' and later deleted their own Facebook page. This message was also posted on other sites that security experts later found out were affected by this massive DNS attack where Avira and WhatsApp sites were also defaced.

Security experts and the companies who had their websites defaced by the Palestinian hacker group later discovered that Network Solutions was compromised by the hackers. Network Solutions, later confirmed by Avira of being hacked, is where the affected companies register their website domains. By attacking Network Solutions, the hackers are able to gain access to changing the DNS records of the site, thus displaying their hacked message on each related page.

As far as the actions of KDSM Team coming to a close has yet to be seen. The same hacker group was responsible for another attack that claimed to take over the LeaseWeb website over the weekend. The hackers even claimed that they were able to steal data from the hosting company's system but never provided any evidence to back up their allegations.

In any given event, the KDSM Team Palestinian group of hackers has proven their ability to hack websites and may be putting on a front as to whether they will be stopping their hacking activities. DNS hijacking attacks are more common than some of us think and KDSM Team is one of many hacker groups who are setting their sights on their next victims.

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 9 + 9 ?