Antivirus homepages temporarily hacked by Palestinian activists

AVG, Avira, and WhatsApp are among the targets in a DNS redirection attack.

On Tuesday morning, popular antivirus vendors AVG and Avira, as well as instant messenger service WhatsApp, all had their respective homepages hijacked by a group of activist hackers. This group later revealed themselves to be the KDMS Team.

The KDMS Team posted the following message, along with a YouTube embed:


MISSION COMPLETED
HACKED
KDMS TEAM
PLAESTINIAN HACKERS
Hello World

We Are Here To Deliver Tow Messages

First one:

we want to tell you that there is a land called Palestine on the earth this land has been stolen by Zionist

do you know it ?

Palestinian people has the right to live in peace

Deserve to liberate their land and release all prisoners from israeli jails

we want peace

long live Palestine

Second Message:

There Is No Full Security

We Can Catch You !

Hacked by KDMS team

Now .. We Will Quit Hacking

Avira's Sorin Mustaca was quoted on Softpedia, following the attack at Network Solutions, their ISP:

It appears that several Web sites of Avira as well as other companies have been compromised by a group called KDMS. The Web sites of Avira have not been hacked, the attack happened at our Internet Service Provider Network Solutions. It appears that our account used to manage the DNS records registered at Network Solutions has received a fake password-reset request not being initiated by anyone at Avira. Network Solutions appears to have honored this request and allowed a third-party to assume control of our DNS. Using the new credentials the cyber criminals have been able to change the entries to point to their DNS servers. We are working with the ISP to receive control on the domain name and only when we have solved the problem we will restore the access to the Avira services. At this point we are not aware of any effect to our customers.

AVG also issued a statement in response to the incident:

"AVG can confirm today that it has had a select number of online properties defaced as a result of our domain name system (DNS) registrar being compromised. A number of other companies appear to have been faced with the similar issue. The situation is being further monitored and assessed closely. Customers are our priority, the DNS records have been corrected and AVG is working hard to resume normal service levels to its customer base and continue to protect our customers and their privacy."

The pages have since been restored.

CNET Top 5
Companies Apple could buy with their billions
Apple's sitting on a massive pile of cash. Here are five interesting ways they could spend it.
Play Video
 

Member Comments