Sign in with
Sign up | Sign in

Anti-Virus Websites Hacked by Palestinian Nationalists

By - Source: Tom's Guide US | B 21 comments
Tags :

No company wants its website hacked, but it's particularly embarrassing if you sell goods and services designed to prevent hacking.

Anti-virus software providers AVG and Avira, as well as instant-messaging app maker WhatsApp, today (Oct. 8) fell victim to Palestinian nationalist hackers who redirected users to their own Web page via a subtle method known as DNS (Domain Name System)  hijacking.

The hacks come from an ill-defined organization known as the KDMS Team, who also claim association with Anonymous Palestine. KDMS has no apparent desire to spread malware or gather user information, but rather wants to leverage high-profile websites to spread a nationalistic (if poorly spelled) missive.

"We are here to deliver tow [sic] messages," KDMS declared on the hacked websites. The group claims that Palestinian land has been stolen by Zionists, and that the Palestinians wish to live peacefully following the release of all Palestinian prisoners from Israeli jails.

MORE: 5 Free PC Security Programs Worth Downloading

"We want peace" and "Long live Palestine" follow, as do a Palestinian flag and map illustrating the shrinking Palestinian territory between 1946 and 2000 (historians will note that Israel, which now possesses most formerly Palestinian land, came into existence in 1948).

AVG, the anti-virus arm of Czech security company Grisoft, has already cleaned up its website and returned its functionality to normal. If your inner subversive is dying to see what KDMS has accomplished, the site for German anti-virus firm Avira remains in their hands at the time of writing.

The website for popular mobile messaging service WhatsApp was also affected and, as of this writing, still plays the Palestinian national anthem. There is no evidence that the WhatsApp app itself has been compromised.

Aside from the inherent irony of security websites falling prey to malefactors, the KDMS hack is interesting in that it is using DNS hijacking to redirect users, rather than modifying existing content on its victim sites.

DNS hijacking is a practice used by hackers, phishers and, occasionally, Internet service providers. The process fools Internet browsers into connecting to one site when it means to connect to another.

An ISP might do this in order to route users back to its own search engine; KDMS has done it to redirect users to its oddly translated message.

The reason why these three companies have found themselves in Palestinian crosshairs is because their DNS entries are maintained by Network Solutions, a major domain-name registry.

According to a report from Softpedia, Network Solutions replied to a fake password-reset request, granting KDMS all the tools they needed to hijack the companies' websites without resorting to sophisticated hacking techniques.

In the meantime, AVG is back to normal, and Avira and WhatsApp should follow suit soon enough. If you visited any of the hijacked websites, you have nothing to worry about (save for a MIDI of the Palestinian national anthem getting stuck in your head).

If you use services with password-reset options, consider using two-step authentication to prevent a situation like this one.

Follow Marshall Honorof @marshallhonorof. Follow us @tomsguide, on Facebook and on Google+.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
  • -2 Hide
    coolitic , October 8, 2013 10:04 AM
    wait, the hacks have to do with nationalism?
    I always thought it was just some idiots trolling? (well they still are idiots)
  • 2 Hide
    coolitic , October 8, 2013 10:04 AM
    They seem to show their message poorly.
  • -1 Hide
    de5_Roy , October 8, 2013 10:21 AM
    i just got a server not found error for a while.
    these guys should really step up their security being security software vendors themselves.
  • Display all 26 comments.
  • 5 Hide
    eza , October 8, 2013 11:51 AM
    The headline should be "Network Solutions allow social engineering attack" :-(
  • 6 Hide
    kefob , October 8, 2013 12:00 PM
    They really need to fix this article. It wasn't Avira or AVG that got hacked, it was Network Solutions. Both of these companies are using Network Solutions for their DNS. The hackers made changes in the Network Solutions systems, but never had access to the Avira or AVG networks. So the lack of security here would fall to NS.
  • 5 Hide
    spectrewind , October 8, 2013 12:12 PM
    I think the quality of this article is rather poor by way of misleading title.

    A DNS SPOOF/cache poisoning has NOTHING to do with the hacking of a website. It's just a redirect. Someone broke into the authoritative DNS registry for the A-Record of the FQDN to IP lookup and set it to a different IP (the hacker website).

    Poorly titled for click-bating and ad casting.
  • -1 Hide
    wiinippongamer , October 8, 2013 3:50 PM
    hehehe
  • -3 Hide
    YardstickWHACK , October 8, 2013 3:57 PM
    I don't think attacking web sites is the best way to garner sympathy for your cause. Better than firing rockets, I guess.
  • -3 Hide
    AppleGoingDown , October 8, 2013 5:50 PM
    @YardstickWHACK

    Israel attacks men women and children with WMD's in order to steal land and oppress an entire culture

    YET

    You criticize Palestinians doing some civil disobedience?

    LONG LIVE PALESTINE! AND MAY THE APARTHEID ISRAELI REGIME CRUMBLE TO DUST!

    This is a direct response to Yardstick who implies Palestinians are terrorists. Has this site become islamophobic and pro-israeli terror?
  • 1 Hide
    rsweq , October 8, 2013 6:03 PM
    @AppleGoingDown

    Ignorance is bliss for you.
  • -3 Hide
    AppleGoingDown , October 8, 2013 6:07 PM
    rsweq , October 8, 2013 6:03 PM
    @AppleGoingDown

    Ignorance is bliss for you.

    Want me to educate you on Palestine and Israel? I bet that 95% of what you know is Hasbara propaganda.
  • 1 Hide
    rsweq , October 8, 2013 6:12 PM
    There was never a Palestinian country ever.

    Palestinian country was the imaginary creation of Islamists in the Middle East when they heard Jews (described as pigs and monkeys in Quran and must be killed wherever they are as a religious obligation although they have more than 15% of all Noble prizes) started a country near them. They went into a 'SHOCK RELIGIOUS NUT' mode and started all this nonsense. Still Arabs hate Jews not because they want state because their religion doesn't permit it and call on them to kill Jews and Christians.

    They find the mere presence of Jews in the world irritating. Even if they go to the moon. They will say "Moonestine is ours"

    There was only Jordan.

    Quote

    Jordan is Palestine. Palestine is Jordan.This is the royal decree and sentiments of two of the kings of Jordan.
    “Palestine and Jordan are one…” said King Abdullah in 1948.
    “The truth is that Jordan is Palestine and Palestine is Jordan,”said King Hussein of Jordan, in 1981.
  • 2 Hide
    rsweq , October 8, 2013 6:16 PM
    There was never a Palestinian country ever.

    Palestinian country was the imaginary creation of Islamists in the Middle East when they heard Jews (described as pigs and monkeys in Quran and must be killed wherever they are as a religious obligation although they have more than 15% of all Noble prizes) started a country near them. They went into a 'SHOCK RELIGIOUS NUT' mode and started all this nonsense. Still Arabs hate Jews not because they want state because their religion doesn't permit it and call on them to kill Jews and Christians.

    They find the mere presence of Jews in the world irritating. Even if they go to the moon. They will say "Moonestine is ours"

    There was only Jordan.

    Quote

    Jordan is Palestine. Palestine is Jordan.This is the royal decree and sentiments of two of the kings of Jordan.
    “Palestine and Jordan are one…” said King Abdullah in 1948.
    “The truth is that Jordan is Palestine and Palestine is Jordan,”said King Hussein of Jordan, in 1981.
  • -3 Hide
    AppleGoingDown , October 8, 2013 6:21 PM
    Just like I thought, you are a rabid islamophobe who knows next to nothing about Palestine. The natives, who had been on the land for 2000 years, were arabs and muslims.

    Here, educate yourself from the texts of a jewish historian:

    Descriptive Geography and Brief Historical Sketch of Palestine
    By Rabbi Joseph Schwarz, 1850

    http://www.jewish-history.com/Palestine/

    and here is more information that you are in dire need of:
    http://whatreallyhappened.com/WRHARTICLES/mapstellstory.html
  • -3 Hide
    AppleGoingDown , October 8, 2013 6:22 PM
    Just like I thought, you are a rabid islamophobe who knows next to nothing about Palestine. The natives, who had been on the land for 2000 years, were arabs and muslims.

    Here, educate yourself from the texts of a jewish historian:

    Descriptive Geography and Brief Historical Sketch of Palestine
    By Rabbi Joseph Schwarz, 1850

    http://www.jewish-history.com/Palestine/

    and here is more information that you are in dire need of:
    http://whatreallyhappened.com/WRHARTICLES/mapstellstory.html
  • 2 Hide
    f-14 , October 8, 2013 7:31 PM
    Marshall Honorof, you lost all your credibility as to knowing anything about computers on a computer tech website, who hired you, why do you have a job here?

    as to applegoingdown, your in that bushel basket case all on your own.

    palestinians are not protesters, they are illegal immigrants whose arab countries refuse to take back, much like the father throwing out his redheaded redneck children.
    don't want to go back or were born in isreal, then swear allegiance to Isreal. if they choose not it is their own fault, isreal gives them the chance to legally live in isreal, they have but only to swear allegiance to isreal as other muslim arabs have done when they became isrealis.
    this is no different than the mexicans that were in texas when mexico lost the war against texas, the mexicans were either deported back to mexico or they swore allegiance to the flag of texas.
    if you think isreal should give up land it has conquered then you are also of the same mind that america must give back it's land to the american indians, that the u.k. is to give back their land to the celts as well as most of the european nations who conquered others to make their country.

    infact most of the arab nations prior to the creation of isreal were owned by the british empire. prior to that most of the arab nations were part of the ottoman empire, prior to that they were part of the roman empire, prior to that the arab nations were part of the roman empire, along with isreal 2,013+ years ago. stay in school, just say no to drugs your history has a gap of about 10,000 years and is very faulty.

    this is why the arabs are constantly being conquered and ruled by others much more powerful.
  • -1 Hide
    AppleGoingDown , October 8, 2013 7:54 PM
    @ f-14

    When european jews stole the land in 1947 with the help of western powers, 95% of the natives weer muslim. Israel even deported 750,000 palestinians out of Israel which is a crime against humanity. They also razed 1000 muslim towns to the ground. They erased everything that was muslim to make sure no one would see that the JEWS were the invaders. There was no Israel! It was called palestine for 2000 years and the jews barely made up 5% of the population. The muslims from that area called palestine have always been oppressed by one group or another. The Jews are the latest group to oppress them.

    go look up the links I provided. I bet you won;t because you either want to hold on to your hate OR you know I am right and you lie.

    Israel is in violation of over 100 UN resolutions. Iraq violated 16 and got attacked by the US. Israel = rogue apartheid state

    LONG LIVE THE PALESTINIAN HACKERS! LONG LIVE PALESTINE!
  • 0 Hide
    f-14 , October 8, 2013 8:05 PM
    you know what's sad, i found this on yahoo right after i closed Tom's. had to jump back here and give marshall something more relevant.
    http://www.theverge.com/2013/10/8/4817948/anonymous-no-more-twitter-engineer-uconn-security-analyst-among-13
    Anonymous no more: Twitter engineer, UConn security analyst among 13 indicted for 'Operation Payback'
    Not all the people named in the FBI indictment fit the hacker stereotype
    By Greg Sandoval on October 8, 2013 07:11 pm

    Some of the men indicted last week for allegedly taking part in the scores of denial-of-service attacks launched by hacktivist group Anonymous during 2010 don't fit the stereotype of a pajamas-wearing teen hacker causing havoc from mom's basement.

    For example, The Verge has learned that defendant Phillip Simpson is a 28-year-old IT professional who works for a test-preparation service. Anthony Tadros, 22, is a student at the University of Connecticut, who ironically worked as a security analyst for the school, according to his LinkedIn profile. Geoffrey Commander is 65-years old. And then there's Ryan Gubele, a 27-year-old who is a former contract employee for Amazon. In June, Gubele began working as a site reliability engineer for Twitter — and is currently still employed there.

    "IT'S IN MY BEST INTEREST NOT TO ANSWER ANY QUESTIONS."
    Last week, the US Department of Justice alleged in a 28-page indictment that Gubele and the other 12 defendants helped Anonymous, the hacktivist collective, cause the collapse or disruption of web sites operated by Bank of America, MasterCard and multiple global antipiracy groups. Some of the companies were attacked for refusing to process donations made to WikiLeaks, the group that published leaked US diplomatic cables. Others came under fire for supporting antipiracy efforts. Anonymous dubbed the DDoS campaign Operation Payback.

    In the indictment, federal prosecutors allege that it was Gubele who aided Anonymous by tracking the effectiveness of the group's attacks on the Motion Picture Association of America, the trade group for the Hollywood studios. They also accuse him of illegally accessing computer systems of at least one of the targets during Operation Payback, which occurred between September 2010 and January 2011. The indictment doesn't say whether Gubele played any role in the attack on Amazon in December 2010. According to Gubele's LinkedIn profile, he began working for the retailer in August 2010 and left the same month that Operation Payback concluded.

    Gubele and Simpson did not respond to interview requests. Twitter and Amazon declined to comment. Tadros, the security analyst, said in a text: "It's in my best interest not to answer any questions about my situation while the case is ongoing."

    FEDS LIKELY WANT TO SEND A MESSAGE
    US law enforcement has begun cracking down on computer crime and appears to be making an extra effort to track Anonymous members, who consider themselves activists for social change and come from all over the globe. During the past decade, the group has hacked or launched denial of service attacks against the Church of Scientology, numerous governments, Sony, the New York Stock Exchange and sites hosting child porn. While numerous arrests have been made, the percentage of Anonymous members tried for computer offenses is believed to be a tiny fraction of the group’s potential members. Nonetheless, the US government likely wants to send a message.
  • 0 Hide
    otacon , October 8, 2013 10:25 PM
    @AppleGoingDown Not only are you f'n idiot...you're a racist too.
  • -2 Hide
    AppleGoingDown , October 9, 2013 12:30 AM
    Only idiots and racists I see are people supporting Israel's crimes against humanity and people buying Apple products. Not to mention people like you who do not know the difference between RAM and flash storage. lol
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter