WikiLeaks Website Hacked and Defaced By OurMine

A hacking group known as “OurMine” managed to hack and deface the official website of WikiLeaks earlier today. OurMine hackers left the following message on the deface page:

Hello, it’s OurMine ( Security Group ), don’t worry we are just testing your…. blablablab, Oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?

Anonymous, remember when you tried to dox us with fake information for attacking wikileaks? https://twitter.com/YourAnonNews/status/679472812013301762

There we go! One group beat you all! #WikileaksHack let’s get it trending on twitter!

Www.OurMine.Org | [email protected]

The Twitter status link shared on the deface page can be found below:

A screenshot of the WikiLeaks website wikileaks.org hacked and defaced by OurMine.

Upon investigating the hack, it appears that the WikiLeaks domain name “wikileaks.org” had been hacked. According to the domain’s WHOIS information, it had been updated today at “2017-08-31T06:30:15Z”. This clearly indicates that the domain details had been updated earlier today.

A Screenshot of WikiLeaks (wikileaks.org) Domain WHOIS information being updated.

OurMine hackers somehow managed to gain access to the wikileaks.org domain and changed its DNS nameservers to a server that was controlled by the hackers. The server IP under the hackers’ control is 181.215.237.148. When visiting that IP address, the deface page appeared just as it appeared on the WikiLeaks domain.

A Screenshot of WikiLeaks domain "wikileaks.org" pointing to the server 181.215.237.148.
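
A domain owner can catch this kind of registrar-level change by comparing periodic WHOIS snapshots against a known-good baseline. The following Python code is an added example, not part of the original article; the WHOIS excerpts and name server hostnames are constructed placeholders, and only the 2017-08-31T06:30:15Z timestamp is taken from the article.

```python
"""Detect registrar-level DNS hijacking by diffing WHOIS snapshots."""
from datetime import datetime, timezone

# Constructed WHOIS excerpts; the name servers are placeholders, not the
# real records. Only the second "Updated Date" value comes from the article.
BASELINE = """\
Domain Name: WIKILEAKS.ORG
Updated Date: 2017-01-15T10:00:00Z
Name Server: NS1.TRUSTED-DNS.EXAMPLE
Name Server: NS2.TRUSTED-DNS.EXAMPLE
"""
OBSERVED = """\
Domain Name: WIKILEAKS.ORG
Updated Date: 2017-08-31T06:30:15Z
Name Server: NS1.UNKNOWN-HOST.EXAMPLE
Name Server: NS2.UNKNOWN-HOST.EXAMPLE
"""

def parse_whois(text):
    """Return the update timestamp and the set of name servers."""
    record = {"updated": None, "nameservers": set()}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip()
        if key == "updated date":
            record["updated"] = datetime.strptime(
                value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        elif key == "name server":
            record["nameservers"].add(value.lower().rstrip("."))
    return record

def registration_alerts(baseline, observed, approved_changes=()):
    """Compare two parsed records; return alerts for unapproved changes."""
    alerts = []
    added = observed["nameservers"] - baseline["nameservers"]
    removed = baseline["nameservers"] - observed["nameservers"]
    approved = observed["updated"] in approved_changes
    if added or removed:
        severity = "INFO" if approved else "CRITICAL"
        alerts.append((severity, "nameservers changed",
                       sorted(added), sorted(removed)))
    elif observed["updated"] != baseline["updated"] and not approved:
        alerts.append(("WARNING", "record updated, nameservers unchanged", [], []))
    return alerts

if __name__ == "__main__":
    for alert in registration_alerts(parse_whois(BASELINE), parse_whois(OBSERVED)):
        print(alert)
```

Passing the timestamps of change-managed updates in `approved_changes` keeps planned nameserver migrations from raising a critical alert.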

It’s still unclear how OurMine hackers gained access to the wikileaks.org domain. However, the following methods may have been used to gain control:

  1. OurMine might have gained access to the WikiLeaks domain registrar, Dynadot.com.
  2. OurMine might have social engineered the WikiLeaks domain registrar by fooling one of its staff into changing the nameservers.
  3. OurMine might have hacked one of the registrar’s staff accounts.
  4. OurMine might have hacked the WikiLeaks domain owner itself.

At the time of publishing this article, the WikiLeaks website remained defaced in many countries. However, the website was accessible through VPN from different countries. We are not sure how long the site will remain offline. According to social media users, the website had been defaced for more than 2 hours.

Update: The web hosting company that hosts the IP 181.215.237.148, which was used by OurMine to redirect the WikiLeaks domain, appears to have suspended the web hosting account. Upon checking the WHOIS information for the server IP, the web hosting service provider appears to be RivalHost.

A Screenshot of WikiLeaks website "WikiLeaks.org" server that was used by OurMine to deface the domain web hosting account suspended.

Update: Julian Assange tweeted about the WikiLeaks website being hacked. Julian Assange has said that the WikiLeaks servers were not hacked, while the DNS had been compromised.

Update: The WikiLeaks team also shared a tweet on Twitter, stating that their servers were not hacked.

As this story is still under development, we will update this news article as soon as new information is received regarding the WikiLeaks website getting hacked by OurMine.