Twitter Falls Prey to an Iranian Hack

How the Hack Took Place

It is around 10.15 pm Eastern Time on Thursday evening when Twitter’s website gets redirected towards a weird URL. Twitter’s users are then faced with a black page and a green flag right in the middle, some farsi lettering and a clear-cut message announcing: “ This site has been hacked by the Iranian cyber army .”

The Iranian Cyber Army is also known as ICA which is an anagram for the CIA. The hack is clearly meant to be a gibe against the American authorities who quote Think They (Are) Controlling And Managing Internet … end of quote.

DNS Security Put at Risk?

Twitter’s administrators first thought it was a DNS attack. This did not please the New Hampshire based firm Dyn Inc which manages Twitter’s DNS servers. Dyn Inc. denies these claims and thinks that the person who changed the URL forwarding used Twitter’s own account credentials. Hence the hacker must have had the account’s e-mail address. S/He then managed to get the password by requesting an automatic password reminder and could thus alter Twitter’s redirections.

Twitter and Iranian Politics

Twitter got a wide media coverage during last June’s Iranian elections. The microblog superseded journalists who were ousted of the country. Twitter also served as a means of communication between Iranian demonstrators. Sensing the seminal role played by Twitter during these events, the American government asked its administrators to postpone its June maintenance. The latter could indeed have resulted in the disruption of Twitter’s services.
This hack is the latest in a series. In May 2009 French hacker had also managed to get access to Twitter’s administrator panel retrieving such seminal information as Paypal accounts and credit card details of several of Twitter’s employees. In recent reports, the French hacker denied any allegation of involvement in Thursday’s hack.

DNS security is among the many issues that will be addressed during the Second International Domain Name Conference (RINDD)in Paris on March 15th and 16th 2010. An IT and safety workshop entitled “New DNS Tools to Face New Threats” will be dedicated to the subject on Tuesday morning.

To read more about RINDD 2010 visit http://www.mailclub.fr/domaines/rindd-2010/article/event-presentation