Anti-virus firm Avast managed to deflect a potential attack that took down competitors as part of a DNS change.
According to a blog by CEO Vincent Steckler, as several companies like AVG, Avira and WhatsApp apparently had their websites hacked by a new pro-Palestinian hacker group called KDMS Team, he confirmed that there was an attempt against the Avast website, but as it took immediate steps it was able to contain it.
In the attack against other sites, the attackers managed to take control of the hacked companies’ DNS records via their vendor, Network Solutions, and take control of the websites in question.
“We ourselves received a notification from Network Solutions saying our email had been changed. We knew we had not requested that so we immediately took action and changed our passwords, which protected us,” said Steckler.
Avast warned that if you get a notification from an online provider that your email address or a password was changed – no matter if it’s from your bank, an online shop, or any other online site – and you didn’t request these changes, you need to take steps to protect yourself by immediately changing your passwords for these sites.
In the attack, KDMS Team changed the DNS records so visitors found themselves at a page playing the Palestinian national anthem and displaying a political message under the title “You’ve been pwned”.
Security blogger Graham Cluley, said: “Whoever the employee was at Avast who spotted the suspicious email change notification from Network Solutions, they should be commended for his or her prompt action, as it certainly helped avoid what could have been an embarrassing incident for the security company.
“It’s a timely reminder for all companies about the part that people can play in securing your business. You can have all the technology in the world, but sometimes old-fashioned human vigilance can be the difference between a serious security incident and an attempted attack being foiled.”
