No, this is not some bug bounty contest hosted by the Wikileaks – their website known for its high-profile leaks against big names like the CIA. The website was attacked (now restored) by the hacker group called OurMine who call themselves White Hats trying to point out bugs.
Users weren’t able to access the website on Thursday morning which displayed the following message.
“Hi, it’s OurMine (Security Group), don’t worry we are just testing your…. blablablab, oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?”
“Anonymous, remember when you tried to dox us with fake information for attacking wikileaks ?”
“There we go! One group beat you all! #WikileaksHack lets get it trending on twitter!”
The cyber-attack that embarrassed Wikileaks was an act of DNS poisoning done by OurMine. Wikileaks’ actual servers weren’t compromised during the process. And the website was able to get back online after a while.
This type of attack involves configuring a DNS server to redirect to a new web page URL, hosted on some other server, for a given IP address during resolution. In this case, the new web page was hosted on OurMine’s servers where the users saw the message. You can read more about how DNS works in this detailed post.
It’s not the first time OurMine has gone after Wikileaks. They launched two DDoS attacks against the website between December 2015 and July 2016.
The latest attack also brings to attention the enraged attitude of the hacker group against Anonymous. The personal details of OurMine members were doxed by Anonymous after they failed to accept Anonymous’ request to stop DDoSing Wikileaks.
OurMine is a known hacker group which was in the news last year for compromising the Twitter accounts of CEO Jack Dorsey and Yahoo’s Merissa Meyer. And the Pinterest and Twitter accounts of Facebook’s boss Mark Zuckerberg.
If you have something to add, drop your thoughts and feedback.