A group claiming to be the Iranian Cyber Army redirected Baidu users to a site displaying a political message.
The site was down for at least four hours on Tuesday, Chinese media said.
Last year's attack on micro-blogging service Twitter had the same hallmarks, sending users to a page with an Iranian flag and message in Farsi.
"This morning, Baidu's domain name registration in the United States was tampered with, leading to inaccessibility," Baidu said in a statement.
Visitors to the site were greeted with the message: "This site has been hacked by Iranian Cyber Army".
The message was accompanied by a picture of the national flag of Iran.
"In China, Baidu outranks Google as the search engine of choice, receiving millions of visits every day. That makes it an extremely attractive target for cybercriminals," said Graham Cluley, senior technology consultant at security firm Sophos.
Political graffiti
It is not yet clear whether the site itself was compromised or its so-called DNS records.
DNS records are like a telephone book, converting website names like baidu.com into a sequence of numbers understandable by the internet.
"It's possible someone changed the lookup, meaning whenever surfers entered baidu.com into their browsers they were instead taken to a website that wasn't under the search engine's control," explained Mr Cluley.
It seems as if the hackers used the attack as an opportunity to create political graffiti rather than inflict real damage.
"If that third party website had contained malware then millions of computers could have been infected and identities stolen," said Mr Cluley.
"Attacks like this are a reminder to everyone that you always need to have security scanning every webpage you visit, even if it's a well-known legitimate website," he added.
No comments:
Post a Comment