Sunday brought some strange events to the Internet and one of them happens to be that hackers believed aligned with Anonymous made it look as if hackers broke into CBS.com and deleted the contents. This isn’t the usual DDoS attack washing a site away with so much traffic that it cannot respond—visitors were greeted instead with an empty page displaying a directory index.
The initial assumption has been that Anonymous hackers managed to gain root access to CBS.com and deleted the contents, however, according to a report from PCMag.com it looks like an enterprising Twitter user discovered that this is instead a case of DNS cache poisoning.
“Anonymous did not take down #CBS .com ; the IP for their web host changed from 184.108.40.206 to 220.127.116.11 & 37; looks like poisoned DNS,” wrote Twitter user @jeremiahfelt.
During the period of time that CBS.com was offline affected users were greeted with 404 errors and those that visited the front page discovered just a directory listing with the file “foundry.html” the only file in the directory.
The suggested sort of attack, “DNS cache poisoning,” may only affect a sub-segment of users of the Internet who receive the incorrect DNS entries so its unknown how widespread the 20 minute redirection happened to be. The irony of this sort of attack is that it reflects the same sort of activity that had been written into the original version of the “Stop Online Piracy Act” (SOPA) that has been heavily protested recently in the United States. This provision, since removed from the now-tabled bill, would allow the US government to force DNS handlers to change where domain names resolve to.
Of course, CBS.com wasn’t the only target of Anonymous over this Sunday.
The site for Universal Music was taken offline with a DDoS attack that removed access to it for most of Sunday morning. And shortly thereafter French media conglomerate Vivendi, owner of Universal Music Group, went offline as well.
This comes in the wake of a gigantic DDoS attack delivered last week against a multitude of websites thought to be party to the takedown of MegaUpload.com by the US government. This current emergence of Anonymous brings with it a new paradigm of security and defense as the DOJ themselves took down their own website Thursday to deflect the expected oncoming attack.
These attacks will only continue as the week wears on and the target list continues to swell. So far anyone connected with the MegaUpload takedown debacle seems to be fair prey. Curiosity is leaking into the gaming community as well wondering if Xbox LIVE will be one of the next targets—especially after Anonymous has been alleged to be involved in the 2011 hack that took Sony’s PlayStation Network for almost a month.