Syrian Hackers Mess With Facebook’s Domain. Nothing Happens.
The hacker group known as the Syrian Electronic Army claimed Wednesday that it had hacked the domain name registration information for social networking giant Facebook, wreaking … well, not much.
The claim was made via the group’s Twitter feed, which showed screen grab images of Facebook’s domain registry information listing contact addresses in the Syrian capital city of Damascus. The attack was not against Facebook itself, but against the company responsible for maintaining its Internet domain registration, MarkMonitor.
And while the change displayed was shown on MarkMonitor’s system, it didn’t reflect in the database of Verisign, the main registrar for the .com top-level domain.
The end effect on Facebook users was nonexistent because Facebook has put in place “registrar locks” that prevent changes to domain names from being carried out without manual checks with real live humans. So while the hackers were able to edit a little bit of information on MarkMonitor’s database, it had no effect on where traffic to facebook.com was directed.
MarkMonitor specializes in the protection of digital intellectual property, including brands and trademarks, from fraud and counterfeiting online, and it has handled domain name registrations for numerous companies, including Facebook and Apple. It was acquired by Thomson Reuters in 2012.
The attack followed a similar one against the U.K.-based sites of eBay and PayPal over the weekend that resulted in traffic to portions of those sites being briefly redirected to sites containing propaganda, including an image of a Syrian flag and screen grabs showing hacked information from the MarkMonitor database.
Last year the SEA hijacked traffic to the website of the New York Times by hacking its domain name registry information. For a short time, visitors to NYTimes.com were redirected to a site displaying propaganda in support of the regime of President Bashar al-Assad. A day later the group relented as the site it set up to receive the traffic was overwhelmed. Apparently they were trying to do something similar with Facebook, but it didn’t work.
Here are two tweets containing the SEA’s claims. Neither MarkMonitor nor Facebook had any immediate comment.
— SyrianElectronicArmy (@Official_SEA16) February 5, 2014
— SyrianElectronicArmy (@Official_SEA16) February 6, 2014