Matsuda Posted October 8, 2013 Share Posted October 8, 2013 The Palestinian hacker group KDSM Team has defaced the main website of AVG Technologies, avg.com. It’s uncertain if the incident is a result of a breach of AVG’s systems or if it’s another case of DNS hijacking. At the time of writing, the site is restored. However, security expert Graham Cluley has captured a screenshot of the defacement page.“We are here to deliver two messages. First one: we want to tell you that there is a land called Palestine on the earth. This land has been stolen by Zionist. Do you know it? Palestinian people has the right to live in peace. Deserve to liberate their land and release all prisoners from Israeli jails. We want peace. Long live Palestine,” the hackers wrote on the defaced site.They added, “Second message: There Is No Full Security. We Can Catch You! Hacked by KDMS team. Now We Will Quit Hacking.”Interestingly, the part about “we will quit hacking” appears to be true since the group has deleted its Facebook page. It’s uncertain how the hackers pulled this off. We’ve reached out to AVG in hopes that they can provide some clarifications. This article will be updated in case we hear from them, or if they publish a statement.KDMS Team is the same group that claimed to have hacked LeaseWeb over the weekend. The hackers say they’ve stolen data from the web hosting company’s systems, but they haven’t provided any evidence to back their allegations. LeaseWeb representatives said the attack was the result of a DNS hijack. It’s possible that a DNS poisoning attack is behind the AVG website defacement as well, but we’ll probably find out for sure once AVG comes forward with a statement.Update. Experts have confirmed that this is a case of DNS hijacking. It appears that avg.com is not the only domain affected. Avira and WhatsApp websites have also been defaced in the same manner. The visitors of these sites see the real site or the defacement page depending on what DNS they're using. Also, the hackers have clarified that their Facebook page was actually deleted by Facebook.Update 2. All of the impacted domains are registered through Network Solutions. It's possible that the hackers breached the systems of Network Solutions. Kaspersky's Aleks Gostev says Avira's email is also affected. We can confirm this since the emails we've attempted to send to Avira have bounced back.“It appears that several websites of Avira as well as other companies have been compromised by a group called KDMS. The websites of Avira have not been hacked, the attack happened at our Internet Service Provider ‘Network Solutions’,” Avira Security Expert and Product Manager Sorin Mustaca said in a mailed statement. According to Mustaca, the DNS records of the impacted websites have been changed to point to arbitrary domains. “It appears that our account used to manage the DNS records registered at Network Solutions has received a fake password-reset request not being initiated by anyone at Avira,” the expert explained.“Network Solutions appears to have honored this request and allowed a 3rd party to assume control of our DNS. Using the new credentials the cybercriminals have been able to change the entries to point to their DNS servers.”Avira reassures customers that their internal networks have not been compromised. Until all DNS entries are back in their possession, the company has shut down all external services.“We are working with the ISP to receive control on the domain name and only when we have solved the problem we will restore the access to the Avira services. At this point we are not aware of any effect to our customers,” Mustaca concluded.While this statement comes only from Avira, the scenario is most likely the same for all the impacted companies.Additional details will probably be provided by Network Solutions in the upcoming hours. Stay tuned to find out more.Source And Source Link to comment Share on other sites More sharing options...
jalaffa Posted October 8, 2013 Share Posted October 8, 2013 plaestenian... (are they from outer space?) Link to comment Share on other sites More sharing options...
nanoman Posted October 8, 2013 Share Posted October 8, 2013 plaestenian... (are they from outer space?)nope ,they are Arab though Palestine inst declared as state for many reasons were not going through because its off topic Link to comment Share on other sites More sharing options...
STEEL Posted October 8, 2013 Share Posted October 8, 2013 (edited) :rant: :rant: :rant: Edited January 13, 2014 by STEEL Link to comment Share on other sites More sharing options...
ramiz0 Posted October 8, 2013 Share Posted October 8, 2013 This is really bad now what will these antiviruses companies will do?And what about those who are using there antivirus or products? Link to comment Share on other sites More sharing options...
Tweety.Abd Posted October 8, 2013 Share Posted October 8, 2013 A cheap-shot attempt at publicity. Link to comment Share on other sites More sharing options...
DrKash Posted October 8, 2013 Share Posted October 8, 2013 (edited) plaestenian... (are they from outer space?)Palestine before the occupation of the zionistsPalestine passport and Palestine coin fromMandatory Palestine Edited October 9, 2013 by DrKash Link to comment Share on other sites More sharing options...
Avitar Posted October 9, 2013 Share Posted October 9, 2013 How come I don't get that cool message? Link to comment Share on other sites More sharing options...
Avitar Posted October 9, 2013 Share Posted October 9, 2013 Or that picture from the same URL? Link to comment Share on other sites More sharing options...
sirri Posted October 9, 2013 Share Posted October 9, 2013 So funny :D . They promised, they offered and they delivered protection to customers but they are so WEAK to protect themselves. Link to comment Share on other sites More sharing options...
Cyberboom Posted October 9, 2013 Share Posted October 9, 2013 Another screenshot from my browser :) Link to comment Share on other sites More sharing options...
hamede Posted October 9, 2013 Share Posted October 9, 2013 they are so WEAK to protect themselves Link to comment Share on other sites More sharing options...
Matsuda Posted October 9, 2013 Author Share Posted October 9, 2013 Avira website back working for me. :) Link to comment Share on other sites More sharing options...
emerglines Posted October 9, 2013 Share Posted October 9, 2013 Palestine :) Link to comment Share on other sites More sharing options...
ramiz0 Posted October 9, 2013 Share Posted October 9, 2013 So funny :D . They promised, they offered and they delivered protection to customers but they are so WEAK to protect themselves. :o :D Link to comment Share on other sites More sharing options...
STEEL Posted October 11, 2013 Share Posted October 11, 2013 AVG, is fine B) Link to comment Share on other sites More sharing options...
truemate Posted October 11, 2013 Share Posted October 11, 2013 AVG, is fine B)ohh wooo... thanks for knowing that :snack:check urs pm Link to comment Share on other sites More sharing options...
Tweety.Abd Posted October 11, 2013 Share Posted October 11, 2013 (edited) So funny :D . They promised, they offered and they delivered protection to customers but they are so WEAK to protect themselves. I know right! How are Avira be expected to protect their users if it can't even protect itself? Edited October 11, 2013 by Tweety.Abd Link to comment Share on other sites More sharing options...
Recommended Posts