
Iranian Cyber Army Hijacks Baidu.com Search Engine

[Figure 1: Iranian Cyber Army hacks Baidu.com search engine]
China's most popular search engine, Baidu.com, has been attacked by a group of hackers, or hacktivists, as they would like to be known, called the Iranian Cyber Army. The hackers hijacked Baidu.com's DNS records and then pointed the domain at a remote server, where they could access the data and display their own image and text on the home page.

Baidu was established in 2000, and is China's alternative to Google. The website is currently ranked number one in China and eighth in the world, according to the Alexa traffic ranking. Additionally, Baidu.com dominates the search engine market in the country with a share of over 77 percent.

The attack against the search engine started yesterday, when for about three hours, the main page displayed an image of the Iranian flag and a message reading "THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY" as shown in the image to the right.

Additional text found on the site at this time written in Persian translates to: "The Iranian Cyber Army has been established in protest to foreign countries and Zionists interfering in the domestic affairs of our country and broadcasting false news."

The Iranian Cyber Army is the same group of 'hacktivists' who managed to deface Twitter last month. In the Twitter attack, the hackers apparently obtained unauthorized access to the domain's administration panel using a set of compromised credentials before altering DNS records. A similar technique apparently led to this latest incident against the Baidu.com search engine site.

Security researchers from Praetorian Security Group, a managed security services provider, reported that for the duration of the attack, Baidu.com pointed to an IP in the address space of ThePlanet, a U.S. Internet service provider. Normally, being headquartered in Beijing, Baidu Incorporated hosts its website and its services (over 50) with China Unicom, a large Chinese telecommunications operator.
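
The observation above, a domain suddenly resolving into another provider's address space, is what a DNS baseline check is meant to catch. The following is an added example, not from the original article: it compares resolver observations against an expected set of nameservers and address prefixes and reports how long the deviation lasted. All nameserver names, prefixes (RFC 5737 documentation ranges) and timestamps are constructed.

```python
import ipaddress
from datetime import datetime

# Baseline for the monitored domain. All values are constructed: the prefixes
# are RFC 5737 documentation ranges and the nameserver names are placeholders.
EXPECTED_PREFIXES = [ipaddress.ip_network("192.0.2.0/24")]
EXPECTED_NS = {"ns1.provider.example", "ns2.provider.example"}
GOOD_NS = sorted(EXPECTED_NS)
ROGUE_NS = ["ns1.other-host.example"]

# Constructed hourly resolver observations: (UTC time, NS names, A records).
OBSERVATIONS = [
    ("2000-01-01T00:00", GOOD_NS, ["192.0.2.10"]),
    ("2000-01-01T01:00", ROGUE_NS, ["198.51.100.7"]),
    ("2000-01-01T02:00", ROGUE_NS, ["198.51.100.7"]),
    ("2000-01-01T03:00", ROGUE_NS, ["198.51.100.7"]),
    ("2000-01-01T04:00", GOOD_NS, ["192.0.2.10"]),
]

def deviations(ns_names, a_records):
    """Return the reasons one observation differs from the baseline."""
    reasons = [f"unexpected NS {ns}" for ns in sorted(set(ns_names) - EXPECTED_NS)]
    for addr in a_records:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in EXPECTED_PREFIXES):
            reasons.append(f"A record {addr} outside expected prefixes")
    return reasons

def hijack_windows(observations):
    """Merge consecutive deviating observations into (start, end, reasons).
    'end' is the first clean observation, or the last bad one if still open."""
    windows, current = [], None
    for ts, ns_names, a_records in observations:
        when = datetime.fromisoformat(ts)
        reasons = deviations(ns_names, a_records)
        if reasons:
            if current is None:
                current = {"start": when, "end": when, "reasons": set()}
            current["end"] = when
            current["reasons"].update(reasons)
        elif current is not None:
            current["end"] = when
            windows.append((current["start"], current["end"], sorted(current["reasons"])))
            current = None
    if current is not None:
        windows.append((current["start"], current["end"], sorted(current["reasons"])))
    return windows

if __name__ == "__main__":
    for start, end, reasons in hijack_windows(OBSERVATIONS):
        print(f"{start} -> {end} ({end - start}): {'; '.join(reasons)}")
```

In practice the observations would come from several independent resolvers, since a change made at the registrar propagates unevenly while caches expire.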

It is still unclear why the hackers targeted Baidu, other than to attract attention to their political statements. So far, China has neither openly supported nor condemned Iran's nuclear program. Regardless of that, Sophos' Senior Technology Consultant, Graham Cluley, points out that this attack could have turned out much worse.

Cluley writes: "Imagine how easy it might have been for the hackers to have created a cloned version of the main Baidu webpage complete with a silent invisible-to-the-naked-eye link to a software exploit or piece of malware."

Given the latest attacks conducted by the group that calls itself the Iranian Cyber Army, do you think that they will target other large websites or even American-based websites in an effort to bring them down? What is your take on these attacks? Share your thoughts below in the comments area.

1 Comment

And then Baidu wants to swear to us that it is secure. Seriously....
