A group of hackers calling themselves KDMS Team claim responsibility for an attack against the websites of popular messaging service WhatsApp.com.
The group allegedly affiliated with Anonymous took down WhatsApp.com and defaced it by displaying a pro-Palestinian message under the bombastic title â€œMISSION COMPLETED - while the Palestinian national anthem is playing in the background.
Hackers wanted to deliver Â two messages, written in poor English. The first one, clearly nationalistic, writes: “We want to tell you that there is a land called Palestine on the earth / this land has been stolen by Zionist / do you know it? / Palestinian people has the right to live in peace / Deserve to liberate their land and release all prisoners from Israeli jails / we want peace.”
While the second one announces the affiliation of the KDMS Team to the bigger and notorious Anonymous group.
It appears hackers made a DNS hijack to redirect users towards a fake server with a deface page that displays the group’s propagandistic mesages, according to CNET. The targets are working to solve the issue. At the moment there is no indication that customer data was accessed or misused in any way.
WhatsApp, a mobile service that offers a free alternative to texting, handles billions of messages a day, according to the company’s data. The popularity of this service clearly made it a target for these hackers who wanted to make sure their messages reach as many people as possible.
Update1: The main websites of AVG and Avira fell victim to a similar case of DNS hijacking initiated by the same Palestinian hacker group KDSM Team. The visitors of these sites see the real site or the defacement page depending on what DNS they’re using, as reported by Softpedia.
Update2: International Business Times also reports further hacks – web analytics company Alexa, and hosting provider Leaseweb. Apparently all targets shared the domain registrar – Network Solutions. It is to be determined if the group managed to pierce this network or lead separate attacks against each of the compromised company websites.