WikiLeaks Defaced By OurMine Hackers

30/08/2017

The notorious security hacking group, OurMine, is known for breaching into high-profile figures, famous website, and companies' social media accounts.

They include: Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey, Google CEO Sundar Pichai, Wikipedia's co-founder Jimmy Wales, Pokémon Go creator John Hanke and others

This time, it's defacing the WikiLeaks website.

WikiLeaks is a whistleblowing website that since March, has been revealing top CIA hacking secrets under Vault 7, including the agency's ability to break into different mobile and desktop platforms, security cameras, live streams, air-gap computers and a lot more.

Defaced by the OurMine hacking group, WikiLeaks' official website was left with a message shown below.

While the frontend of the website has been defaced, there was no indication that its servers and website have been compromised. Instead, the hacking group had successfully redirected the website to their own servers using DNS poisoning attack.

A strategy also known as DNS spoofing, OurMine got their hands on the controls of WikiLeaks' DNS server and changed a value of the name-servers in order to divert internet traffic to a malicious IP address.

Not long afterwards, the site administrators regained access to WikiLeaks's DNS servers and made the site back online from its official legitimate servers.

OurMine is a Saudi Arabian group of hackers who claims to be a "white hat" security firm. The group market itself by doing white hat (ethical) hacking on targets, encouraging them to buy its IT security service.