http://www.computerworld.com/s/article/9162118/Baidu_Registrar_incredibly_changed_our_e_mail_for_hacker?taxonomyId=17 By Owen Fletcher and Robert McMillan IDG News Service February 24, 2010 A hacker who took down top Chinese search engine Baidu.com last month broke into its account with a U.S. domain name registrar by pretending to be from Baidu in an online chat with the registrar's tech help, according to a lawsuit filed by Baidu. Support staff at the registrar, Register.com, then refused to aid Baidu when first contacted about Baidu.com redirecting users to a Web page that declared, "This site has been hacked by the Iranian Cyber Army," the Baidu complaint alleges. The complaint was filed last month in U.S. District Court for the Southern District of New York, but the court only recently released an unredacted copy of the complaint. The complaint says Baidu's service was disrupted for five hours by the hack and seeks millions of dollars allegedly lost in revenue and other costs. The attack began on the afternoon of Jan. 11 when the hacker contacted Register.com tech help via online chat and claimed to be from Baidu, the complaint alleges. The attacker asked a support representative to change Baidu's e-mail address on file. The representative then sent a confirmation code to Baidu's e-mail account even though the hacker answered a security question incorrectly, the complaint alleges. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Wed Feb 24 2010 - 22:55:57 PST
This archive was generated by hypermail 2.2.0 : Wed Feb 24 2010 - 22:58:04 PST