Hot on the heels of last month’s attack on Twitter, the so-called “Iranian Cyber Army” appears to have defaced another high profile website.
Baidu, formed in 2000, is China’s number one search engine, dominating the home market for online searches – partly because it had a six year head start over Google. As a result of its huge popularity, it’s no wonder that from time to time hackers might try and take advantage of the site, just as top websites can be in the frame for attack in the West.
Earlier today, visitors to Baidu.com’s home page were met with a message – “This site has been hacked by Iranian Cyber Army” – alongside what I presume to be Farsi, and a picture of the national flag of Iran:
It’s not presently clear whether Baidu’s site itself was compromised or, as in the case with the Twitter attack, its DNS records. If the website’s DNS records were breached then the hackers would have been able to redirect users who typed www.baidu.com into their browser to a webserver under their control.
Within two hours the Baidu website appeared to be returning to normal operation, and as far as we can tell the motive for the attack was political rather than financial. However, imagine how easy it might have been for the hackers to have created a cloned version of the main Baidu webpage complete with a silent invisible-to-the-naked-eye link to a software exploit or piece of malware.
Attacks like this are a reminder to everyone that you always need to have security scanning every webpage you visit, even if it’s an established legitimate website.