The website of respected security intelligence company Secunia was redirected for over an hour on Thursday morning after a DNS hijack pointed visitors to a different website.
From cached images, the attacker appears to be the work of a known Turkish language hacker called ‘TurkGuvenligi’ whose motivations remain unclear. The redirection lasted for just over and hour.
Direct defacement attacks on websites are a frequent hazard of being online, but DNS hijacks should in theory be harder to perpetrate because they involve changing the DNS records of a website.
The attacker would have had to hack the DNS database at a weak point in the system, probably a small ISP peered to a trusted provider somewhere on the Internet’s fringes. In many ways, such attacks are a small example of the much larger DNS hijacking event alleged by a US Congressional report last week to have taken place in April 2010.
Many of these attacks happen to gain attention for the attacker, usually by defacing or hijacking a site of a prominent company. Security companies are especially prized.