Daily cyber threats and internet security news: network security, online safety and latest security alerts
November 25th, 2010

Vulnerability Research Vendor Domain Hijacked And Defaced

The domain name of vulnerability research company Secunia was redirected earlier today to an unrelated Web page showing a message in Turkish, after its DNS records were altered.

Secunia is one of the world’s leading vulnerability intelligence and management vendors. Based in Denmark, the company tracks, rates and catalogs security vulnerabilities in more than 30,000 software applications, operating systems and appliances.

For one hour and ten minutes today, starting with 00:40 AM CET, users who visited saw a page displaying a message reading “Is?ms?z Kahramanlar Sunar.. System Get Down Gel Babana…” and a graphic showing a dragon with the text “TurkGivenligi” (Turk Security).

According to the vendor, the attack was the result of the authoritative DNS hosting being redirected. The exact circumstances under which this happened are still being investigated.

The Domain Name System (DNS) is one of the building blocks of the Internet and is responsible for translating domain names into IP addresses.

The domain normally resolves to, an IP address in Denmark, which belongs to the security company.

However, according to SANS ISC, during the attack, the domain pointed to, an IP registered to an UK company called Avensys Networks.

The most straight-forward method of hijacking a domain in this way, short of compromising its authoritative DNS server, is to change its corresponding NS records from the registrar-provided administration panel.

The technique usually involves socially engineering registrar employees and has previously been used to hijack high profile domains like, and

Three hackers responsible for hijacking Comcast’s domain in 2008 have already received prison sentences for their action.

Baidu sued last year for gross negligence, after the company’s staff gave hackers access to its domain name despite failing to pass the required security checks.

Credit: News, SANS Internet Storm Center

Share this item with others:

More on CyberInsecure:
  • Hijacked High-Ranked Sites Serve Malicious, Illegal Content, Blacklisted By Google
  • High Profile New Zealand Sites Registered At Defaced Through DNS Hijack
  • Hackers Hijack ICANN And IANA’s Domains
  • Google Bangladesh DNS Hijacked, Redirects Visitors For A Limited Time
  • Hacked And Defaced

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Vulnerability Research Vendor Domain Hijacked And Defaced

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.