Hacked Or Not?

Just a Cheap Trick: Facebook, Twitter, Apple and Microsoft DNS Records Were Not Hacked

By Adrianne Jeffries 10/04/11 3:43pm

via @felixsalmon

Via New Work City-based CTO Mike Caprio, the DNS records for Facebook, Twitter, Apple and Microsoft are looking a little funky–have they been hacked by pesky spammers, or perhaps Anonymous?

A whois lookup of Apple.com pulls the following spammy-looking result:

APPLE.COM.WWW.BEYONDWHOIS.COM
APPLE.COM.WAS.PWNED.BY.M1CROSOFT.COM
APPLE.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
APPLE.COM.IS.OWN3D.BY.NAKEDJER.COM
APPLE.COM.IS.0WN3D.BY.GULLI.COM
APPLE.COM.BEYONDWHOIS.COM
APPLE.COM.AT.WWW.BEYONDWHOIS.COM
APPLE.COM

While this may look like Apple.com has been cracked, it looks from here like a cheap trick. “Someone registered apple.something.somethingelse.com,” said ProPublica programmer Al Shaw. “Somethingelse.com is not owned by apple. So apple.ispwned.com comes up when you do whois apple.com and people say Apple is hacked.”

GOOGLE.COM.ZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.ZNAET.PRODOMEN.COM
GOOGLE.COM.YUCEKIRBAC.COM
GOOGLE.COM.YUCEHOCA.COM
GOOGLE.COM.WORDT.DOOR.VEEL.WHTERS.GEBRUIKT.SERVERTJE.NET
GOOGLE.COM.VN
GOOGLE.COM.VABDAYOFF.COM
GOOGLE.COM.UY
GOOGLE.COM.UA
GOOGLE.COM.TW
GOOGLE.COM.TR
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.SPROSIUYANDEKSA.RU
GOOGLE.COM.SOUTHBEACHNEEDLEARTISTRY.COM
GOOGLE.COM.SHQIPERIA.COM
GOOGLE.COM.SERVES.PR0N.FOR.ALLIYAH.NET
GOOGLE.COM.SAYS.IWANNATSAHEYLUWITHNINAT.COM
GOOGLE.COM.SA
GOOGLE.COM.REJSCRAP.COM
GOOGLE.COM.PE
GOOGLE.COM.PAVLINOFF-55-11-44.COM
GOOGLE.COM.MX
GOOGLE.COM.LASERPIPE.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.HOSTED.ON.PROFITHOSTING.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM.HK
GOOGLE.COM.HICHINA.COM
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
GOOGLE.COM.ESJUEGOS.NET
GOOGLE.COM.DO
GOOGLE.COM.CO
GOOGLE.COM.CN
GOOGLE.COM.BR
GOOGLE.COM.BITERMANSOLUTIONS.COM
GOOGLE.COM.BEYONDWHOIS.COM
GOOGLE.COM.AU
GOOGLE.COM.AR
GOOGLE.COM.AFRICANBATS.ORG
GOOGLE.COM

Via Mr. Shaw and Tennessee dev Shaun Inman, here is a good explanation of DNS spam. “That `whois apple.com` isn’t legit (or new). Run `whois -h whois-servers.net apple.com` for real record,” Mr. Inman tweeted.

Everybody! Get back to work!

Adrianne Jeffries is the editor of Betabeat. Follow Adrianne on Twitter or via RSS. ajeffries@observer.com

Comments

  1. Daniel M says:
    October 5, 2011 at 4:59 am

    Doesnt explain why Apple.com was giving an access denied message

See also
Booting Up: Now Rumors Have Facebook Thinking of Buying Waze Facebook Says It Was Hacked Last Month, But 'No Evidence' User Data Was Breached Twitter Is Getting Photo Filters, Powered By New York's Own Aviary Microsoft Launches New Social Network That Looks Exactly Like Google+ FBI Calls Bullshit on Antisec's Hacked Apple IDs Claim
topics: Apple, Hacked Or Not?, dns
Next in Tech