Jump to content

Syrian Electronic Army Claims Control Over Facebook.Com Domain


Reefa

Recommended Posts

[bREAKING] The Sryrian Electronic Army is claiming to have taken control over the domain Facebook.com, likely through hacking into the domain administrator account at the social network's Domain Registrar. Story Devloping....

In Tweet Wednesday evening, the hackers posted a Tweet, wishing Facebook founder Mark Zuckerberg a happy birthday: "Happy Birthday Mark! Facebook.com owned by #SEA," the Tweet read.

The domain information below is what is currently showing as of 6:35 EST. The hackers have appeared to modify the three primary registratnt contacts, though the domain name servers do not appear to have been modified.

The company's registrar, MarkMonitor, is steward to many of the Internet's biggest brands and does have strong security policies and options in place. It's likely that while the attackers may have accessed an admin account, the ability to change the DNS records may require further authenication, but that is unclear. However, the hackers did make a follow-up post to Twitter saying they did change the namesevers. "We changed the nameservers, but it's taking too much time..," the Tweet said.

Facebook.com-domain-hacked.jpg

Update: As of 7:00PM the registrant contact details were restored to "[email protected]", indicating that MarkMonitor and Facebook were able to react quickly before any damage was done.

The hackers said that in response to being hacked, MarkMonitor took down the domain management portal and posted this alleged screenshot:

MarkMonitor_Down.png

The company's registrar, MarkMonitor, is steward to many of the Internet's biggest brands and does have strong security policies and options in place. It's likely that while the attackers may have accessed an admin account, the ability to change the DNS records may require further authenication, but that is unclear. However, the hackers did make a follow-up post to Twitter saying they did change the namesevers. "We changed the nameservers, but it's taking too much time..," the Tweet said.

When asked about a similar incident targeting PayPal's UK domain over the weekend, MarkMonitor told SecurityWeek that it does take security seriously but is unable to comment. "We also have a policy where we never comment on clients - including neither comfirming nor denying if a company is a client," a MarkMonitor spokesperson told SecurityWeek on Saturday.

The Syrian Electronic Army has been responsible for several recent attacks, including one domain attack last week against PayPal, and others last year that targeted the AFP’s Twitter account and three CBS News accounts, all in support of Syria’s President Assad. In May, the group hacked into the Associated Press's Twitter account and falsely reported that President Barack Obama had been injured after two blasts at the White House.

Last month, the group was assumed to be behind an attack against Microsoft in an incident where attackers breached the email accounts of a “select number” of employees, and obtained access to documents associated with law enforcement inquiries.

Source

Edited by F3dupsk1Nup
Link to comment
Share on other sites


  • Replies 4
  • Views 1.3k
  • Created
  • Last Reply

Top Posters In This Topic

  • Reefa

    2

  • user@nsaneforums

    1

  • SPECTRUM

    1

  • kn_andre

    1

Popular Days

Top Posters In This Topic

Cheers for Sharing ... Maybe they have regained control over it, Because now when i checked it showed this :

Raw Registrar Data

Domain Name: facebook.com
Registry Domain ID:
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Updated Date: 2013-06-06T04:00:37-0700
Creation Date: 2010-04-01T11:56:37-0700
Registrar Registration Expiration Date: 2020-03-29T21:00:00-0700
Registrar: MarkMonitor, Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: 4f988b1b5705f73.png@markmonitor.com
Registrar Abuse Contact Phone: +1.2083895740
Domain Status: clientUpdateProhibited
Domain Status: clientTransferProhibited
Domain Status: clientDeleteProhibited
Registry Registrant ID:
Registrant Name: Domain Administrator
Registrant Organization: Facebook, Inc.
Registrant Street: 1601 Willow Road,
Registrant City: Menlo Park
Registrant State/Province: CA
Registrant Postal Code: 94025
Registrant Country: US
Registrant Phone: +1.6505434800
Registrant Phone Ext:
Registrant Fax: +1.6505434800
Registrant Fax Ext:
Registrant Email: 953c85323142355.png@fb.com
Registry Admin ID:
Admin Name: Domain Administrator
Admin Organization: Facebook, Inc.
Admin Street: 1601 Willow Road,
Admin City: Menlo Park
Admin State/Province: CA
Admin Postal Code: 94025
Admin Country: US
Admin Phone: +1.6505434800
Admin Phone Ext:
Admin Fax: +1.6505434800
Admin Fax Ext:
Admin Email: 953c85323142355.png@fb.com
Registry Tech ID:
Tech Name: Domain Administrator
Tech Organization: Facebook, Inc.
Tech Street: 1601 Willow Road,
Tech City: Menlo Park
Tech State/Province: CA
Tech Postal Code: 94025
Tech Country: US
Tech Phone: +1.6505434800
Tech Phone Ext:
Tech Fax: +1.6505434800
Tech Fax Ext:
Tech Email: 953c85323142355.png@fb.com
Name Server: a.ns.facebook.com
Name Server: b.ns.facebook.com
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
>>> Last update of WHOIS database: 2014-02-05T17:17:31-0800 <<<

The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com for
information purposes, and to assist persons in obtaining information about or
related to a domain name registration record. MarkMonitor.com does not guarantee
its accuracy. By submitting a WHOIS query, you agree that you will use this Data
only for lawful purposes and that, under no circumstances will you use this Data to:
(1) allow, enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via e-mail (spam); or
(2) enable high volume, automated, electronic processes that apply to
MarkMonitor.com (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.

MarkMonitor is the Global Leader in Online Brand Protection.

MarkMonitor Domain Management™
MarkMonitor Brand Protection™
MarkMonitor AntiPiracy™
MarkMonitor AntiFraud™
Professional and Managed Services

Visit MarkMonitor at http://www.markmonitor.com
Contact us at +1.8007459229
In Europe, at +44.02032062220
--

Information Updated: Thu, 6 Feb 2014 01:27:26 UTC

Source : https://who.is/whois/facebook.com/

Link to comment
Share on other sites


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...