In less than a month after attacking Twitter, Iranian Cyber Army hit Baidu, China’s Internet search engine, Monday.
Users who visited Baidu’s Web site were confronted with a picture of an Iranian flag and a message, “This site has been hacked by the Iranian Cyber Army."
Hackers altered site’s DNS
The outage, which lasted for three and hours, affected many users as Baidu is China’s largest search engine, offering more than 50 search and community services.
Jeremy Rossi, a partner in Praetorian Security Group, a New York City-based security consultancy, told Computer World that it is likely that the Iranian Cyber Army attacked Baidu by altering its Domain Name System (DNS) at the registrar level.
Twitter and Baidu attacks similar
There is a possibility that the hackers undertook a phishing attack to obtain a username and password that allowed them to access the records of Baidu at the registrar level, asserted Rossi.
The same method was used to hack Twitter in December. The company has said that a Twitter account was used to modify its DNS records.
The Twitter attack had lasted for more than an hour. The users who logged in were redirected to a page with black screen that had an image of a green flag, and the page read in English and Arabic that the site had been hacked by Iranian Cyber Army, asserting that they had the power to control and manage Internet.
Reason behind attack unclear
It is not clear why Baidu’s Web site has been attacked.
Twitter was hacked after micro-blogging site was used by the pro-democracy forces in Iran earlier in summer to bring to light the country’s disputed presidential elections that were marred by blood bath.
At that time, when the media had a difficult time covering the elections, the opposition took to Twitter to provide minute by minute update along with videos.
It is likely that the attack on Baidu is the result of severing bilateral ties between the two countries following elections in Iran last year.
Additionally, Chinese Web users have created "CN4Iran", a discussion forum on Twitter, commenting on the situation in Iran and supporting the pro-democracy forces.
Chinese hackers launch counter attack
The attack, though short-lived, infuriated Chinese Web users.
In retaliation, the hackers in China attacked Web sites registered in Iran, which appeared with Chinese flags and their slogans.
An Iranian Web site, room98.ir, displayed a message by the Honker Union for China, “This morning your Iranian Cyber Army intrusion [sic] our baidu.com.
“Please tell your so-called Iranian Cyber Army: Don't intrusion Chinese website about The United States authorities to intervene the internal affairs of Iran's response. This is a warning!”
The Honker Union for China also posted a slogan on their Website, “We are China's hacker! Let the world hear the voice of China! The state is higher than the dignity of all!"
The Honker Union for China is a group in China that is quite active for hacktivisim. Its members combine hacking skills with patriotism and nationalism.
Over the years, they have launched a series of attacks on websites in the United States, mostly government-related sites.
by Jaspreet Virk