Wikileaks Hacked by OurMine in an Embarrassing Challenge

Wikileaks Published Files on CIA Hacking Tools

It appears as though WikiLeaks website has been hacked as a result of a challenge it began. A hacking group referred to as OurMine, which has targeted companies, CEOs, and new websites claimed the overall victory.

There was a message displayed on the WikiLeaks.org Homepage as of Thursday morning from OurMine group. The message ridiculed the organization which publishes secret information reminding Anonymous of the time it challenged the Security Group to hack WikiLeaks.

This message could be seen on sites accessed from different locations while some users a message reading “account suspended.”

But even though WikiLeaks was humiliated by the hack, the attack comes across as a low-tech affair. Can be digitally compared to spray-painting graffiti on a bank’s front desk and bragging you’ve breached its security.

What the group did was execute a “DNS poisoning” attack for a limited period of time. Instead of directly attacking the Wikileaks servers, it chose to convince some DNS servers to change records. The DNS servers falsely directed the browsers that information searched for was based on a different server that in essence belongs to OurMine.

DNS servers are responsible for converting web addresses such as wikileaks.org into machine readable code to instruct the computer where to connect.

There is nothing to suggest that any servers owned by WikiLeaks were directly attacked by the hackers. The DNS protocol has over the years remained the best target by state actors and malicious persons since it’s a weak point on the Internet.

This attack was aimed at WikiLeaks but the real contest must have been between OurMine and Anonymous (online collective). The message published on WikiLeaks site begins by “testing your…” but immediately breaks off to remind about a challenge to hack WikiLeaks. The success marks the third attempt after two previous ones in 2015 and 2016. The first two attacks were DDoS, a kind of attack aimed at crumbling an organization.

Anonymous was outraged by the spat, forcing them to publish personal information of individuals that they believe are part of OurMine. But hackers never agreed to the so-called ‘doxing‘.

A member of OurMine shared a message from a Twitter account that admitted responsibility for the attack and reminded of the challenge posed several months ago. “We have been working hard to get through WikiLeaks and we finally did it! Our focus now is on retrieving some emails but all we can get as per now is a string of messages meant for WikiLeaks press contact,” read the post.

The group’s attacks are normally executed in an almost similar manner. First, it locates re-used passwords in a previous data breach and then tests them in different services until a working password is found. They then post a message which reads “testing your security…” before proceeding to redirect the site to their own servers. They used a similar methodology to take control of HBO’s Twitter accounts when the media company fought against a different ransomware attack.

WikiLeaks is yet to give a response despite requests from media houses for comment.