The sites were either taken down on Sunday evening or users were redirected to a page belonging to the hackers.
The Register, The Telegraph, UPS, BetFair and Acer (News - Alert) were among the compromised major sites that sent users to the hackers’ home page, according to ZDNet.
“DNS hacks enable hackers to redirect users to any site they wish,” explains a recent report from ZDNet. “These kinds of hacks are not typically easy, but rely on weaknesses in domain registrars — through the usual means of password breaking or vulnerability spotting — to access the settings pages to cause disruption.”
It appears those responsible are from Turkey. The hacking group appears to be called “TG” or “TurkGuvenligi,” ZDNet said.
“Turkguvengligi didn't attack the websites directly, but rather it went after their DNS servers, redirecting web users to its own servers,” reports The Inquirer. “The attack, known commonly as DNS hijacking, is one of the most dangerous attacks around due to its subtlety, which means that users have a hard time distinguishing whether they are on legitimate or compromised websites.”
Some of the sites were restored quickly while others remained down for many hours, ZDNet reported.
Zone-H published what is believed to be a complete list of affected sites. Total notifications were about 187, with 72 single ip and 115 mass defacements, Zone-H said.
In their statements, the hackers used the phrase, "Gel Babana," Turkish for "Come to Papa," and the word "Guvenligi," Turkish for "Security," according to Sophos.
In related news, an Israeli online newsite, Ynet, reported that Turkish hackers “hijacked” 350 Israeli websites on Sunday evening. Yedioth Ahronoth speculated that the DNS hijacking was a "test-run" in preparation of a larger attack on Israeli domains, Ynet said.
"The hack represents a 10-15 percent spike compared to the average number of daily hacks of Israeli websites," Shai Blitzblau, head of Maglan-Computer Warfare and Network Intelligence Labs, told Ynet.
In other news about hackers in Turkey, TMCnet reported that in June the government in Turkey detained 32 suspected computer hackers allegedly linked to Anonymous, a loosely organized group of hackers and activists.
In August, ZDNet said Turkish hackers attacked several websites in South Korea, such as Epson and HSBC.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2011, taking place Sept. 13-15, 2011, in Austin, Texas. ITEXPO (News - Alert) offers an educational program to help corporate decision makers select the right IP-based voice, video, fax and unified communications solutions to improve their operations. It's also where service providers learn how to profitably roll out the services their subscribers are clamoring for – and where resellers can learn about new growth opportunities. To register, click here.
Ed Silverstein is a TMCnet contributor. To read more of his articles, please visit his columnist page.
Edited by Rich Steeves