Hacked Or Not?

Just a Cheap Trick: Facebook, Twitter, Apple and Microsoft DNS Records Were Not Hacked

apple dns felix salmon Just a Cheap Trick: Facebook, Twitter, Apple and Microsoft DNS Records Were Not Hacked

via @felixsalmon

Via New Work City-based CTO Mike Caprio, the DNS records for Facebook, Twitter, Apple and Microsoft are looking a little funky–have they been hacked by pesky spammers, or perhaps Anonymous?

A whois lookup of Apple.com pulls the following spammy-looking result:

APPLE.COM.WWW.BEYONDWHOIS.COM
APPLE.COM.WAS.PWNED.BY.M1CROSOFT.COM
APPLE.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
APPLE.COM.IS.OWN3D.BY.NAKEDJER.COM
APPLE.COM.IS.0WN3D.BY.GULLI.COM
APPLE.COM.BEYONDWHOIS.COM
APPLE.COM.AT.WWW.BEYONDWHOIS.COM
APPLE.COM

While this may look like Apple.com has been cracked, it looks from here like a cheap trick. “Someone registered apple.something.somethingelse.com,” said ProPublica programmer Al Shaw. “Somethingelse.com is not owned by apple. So apple.ispwned.com comes up when you do whois apple.com and people say Apple is hacked.”

GOOGLE.COM.ZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.ZNAET.PRODOMEN.COM
GOOGLE.COM.YUCEKIRBAC.COM
GOOGLE.COM.YUCEHOCA.COM
GOOGLE.COM.WORDT.DOOR.VEEL.WHTERS.GEBRUIKT.SERVERTJE.NET
GOOGLE.COM.VN
GOOGLE.COM.VABDAYOFF.COM
GOOGLE.COM.UY
GOOGLE.COM.UA
GOOGLE.COM.TW
GOOGLE.COM.TR
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.SPROSIUYANDEKSA.RU
GOOGLE.COM.SOUTHBEACHNEEDLEARTISTRY.COM
GOOGLE.COM.SHQIPERIA.COM
GOOGLE.COM.SERVES.PR0N.FOR.ALLIYAH.NET
GOOGLE.COM.SAYS.IWANNATSAHEYLUWITHNINAT.COM
GOOGLE.COM.SA
GOOGLE.COM.REJSCRAP.COM
GOOGLE.COM.PE
GOOGLE.COM.PAVLINOFF-55-11-44.COM
GOOGLE.COM.MX
GOOGLE.COM.LASERPIPE.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.HOSTED.ON.PROFITHOSTING.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM.HK
GOOGLE.COM.HICHINA.COM
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
GOOGLE.COM.ESJUEGOS.NET
GOOGLE.COM.DO
GOOGLE.COM.CO
GOOGLE.COM.CN
GOOGLE.COM.BR
GOOGLE.COM.BITERMANSOLUTIONS.COM
GOOGLE.COM.BEYONDWHOIS.COM
GOOGLE.COM.AU
GOOGLE.COM.AR
GOOGLE.COM.AFRICANBATS.ORG
GOOGLE.COM

Via Mr. Shaw and Tennessee dev Shaun Inman, here is a good explanation of DNS spam. “That `whois apple.com` isn’t legit (or new). Run `whois -h whois-servers.net apple.com` for real record,” Mr. Inman tweeted.

Everybody! Get back to work!

Follow Adrianne Jeffries on Twitter or via RSS. ajeffries@observer.com

Comments

  1. Daniel M says:

    Doesnt explain why Apple.com was giving an access denied message