“Ourmine” group uses DNS cache poisoning to pretend it hacked WikiLeaks

Source: Gizmodo

“If you tried visiting WikiLeaks late Wednesday evening, you might’ve gotten the impression that the website was hacked. For now at least, that doesn’t appear to be the case. For some users, wikileaks.org appeared to be defaced. The phrase ‘OURMINE’ was just suddenly there, splashed across a blackground in red and white letters. Above it read, ‘Hacked by OurMine,’ while below the self-described hackers left a message mocking both Julian Assange and Anonymous. But it doesn’t appear that WikiLeaks itself was actually hacked at all — neither the website nor Assange’s servers containing an endless trove of classified US government documents seem to be compromised. … The illusion was accomplished through what’s called DNS hijacking, an attack on the domain name server used to translates a user friendly URL like ‘wikileaks.org‘ into its corresponding IP address.” (08/31/17)