Jump to content


DNS provider's error caused LinkedIn "hack"...

  • Please log in to reply
No replies to this topic

#1 TheSentinel


    The man in the dark

  • General Admin
  • 31,817 posts

Posted 23 June 2013 - 06:03 PM

21 June 2013, 11:55
DNS provider's error caused LinkedIn "hack" and affected 5,000 more


LinkedIn, the professional networking site which had been reported as hacked or hijacked yesterday, was in fact the victim of human error at the company's DNS provider, Network Solutions, an error which appears to have affected up to 5,000 domains in all. Network Solutions has said in a blog posting that while trying to resolve a DDoS (Distributed Denial of Service) attack, it accidentally changed the DNS records of a "small number" of customers.  According to Cisco security researcher, Jaeson Schultz, the 'hijacking' involved the domain's name servers being replaced with name servers at ztomy.com and nearly 5,000 domains may have been affected by the change, including usps.com. Others affected included Fidelity and Yelp. Curiously, several of the domains pointed not at ztomy.com itself but to various sub-domains such as ns1620.ztomy.com, ns2620.ztomy.com, ns1621.ztomy.com, ns2621.ztomy.com and so on. "The fact that so many domains were displaced in such a highly visible way supports Network Solutions’ claim that this was indeed a configuration error", says Schultz