Computer Security Craigslist Back Online After DNS Hijacking Attack Shuts...

Craigslist Back Online After DNS Hijacking Attack Shuts Down Popular Classifieds Site

craigslist dns hijack shut downAny and everyone who is accustomed to surfing the Internet on a regular basis knows of the popular Craigslist classifieds services. Craigslist offers a wide range of user-listed items and services throughout North America with individualized sections dependent on popular cities across the United States and Canada.

Being such a robust network of classifieds, Craigslist is naturally a target for hackers. It just so happens that hackers aimed an attack on the Craigslist site and were successful in hitting their bullseye with an aggressive DNS Hijack attack. The DNS hijack actually brought Craigslist down Sunday night making the service unavailable by redirecting site visitors to various non-craigslist sites. One eyebrow-raising detail about this Craigslist DNS hijack was that the DNS records maintained at one of Craigslist's domain registrars were compromised. In such an event, it means that users attempting to visit the domain were diverted to other sites, ones that may have been purposely created to spread malware or offer other services for monitory gain on the hacker's part.

With Craigslist getting around 50 billion page views each month, the DNS hijacking attack is nothing to take lightly as its temporary state could have directed millions of users to potentially dangerous sites. Upon getting a grasp on the DNS hijack and how to "fix" the issue, the perpetrators behind the incident were identified to root from Digital Gangster, a popular online forum.

The Digital Gangster site, not to be confused with "The Digital Gangster," a site used for marketers, was one of the various sites that Craigslist users were diverted to. What is probably a funny case in this DNS hijack, is that in process of redirecting Craigslist's traffic to Digital Gangster, the Digital Gangster site itself crashed because it could not handle the immense traffic from Craigslist users. Basically, the hackers potentially inflicted more harm on themselves rather than on Craigslist. However, due to the nature of how Craigslist's DNS entries were attacked, after restoring the Craigslist service many internet surfers are still being diverted to other pages due to the Craigslist name entries being flushed via internet service providers.

Those who are loading sites other than Craigslist when visiting or should ask their internet service provider to flush all Craigslist domain entries (A, CNAME and SOA) from their DNS servers so your access is restored to load the proper URL. Attacks such as these remind us of a time where rookie hackers take on much more than they can handle and end attacking smaller entities instead of big dogs like Craigslist. In such a case, the hackers behind the Craigslist DNS hijack could be on the lookout for something a little smaller, which could vary greatly in the retrospect of the vast size of Craigslist. Either way, the hackers may think twice about wreaking havoc on services has big as Craigslist.