A group calling itself the “Iranian Cyber Army” has targeted Twitter. The DNS record for the Twitter site was apparently hacked and modified to redirect to a site controlled by the hackers which featured a politically charged message. Exactly how this was done is unknown at this time, but it’s believed that it could have been via a vulnerability or a stolen/guessed password.
The following message appeared when users tried to log into Twitter:
Iranian Cyber Army
THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY
iRANiAN.CYBER.ARMY@GMAIL.COM
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care.
The purpose for the takeover has not been revealed yet but Twitter has posted on its own official Twitter feed “The motive for this attack appears to have been focused on defacing our site, not aimed at users. We don’t believe any accounts were compromised.”
Companies like Symantec, who have looked into the matter, are also confirming malware or spyware doesn’t seem to be involved.