Security Experts:

Al-Jazeera Website Hack Caused by DNS Poisoning

The main website of news network Al-Jazeera was hacked Tuesday afternoon by Syrian government loyalists in retaliation for the network's recent news coverage of the conflict in Syria. Hacked

A statement denouncing Al-Jazeera's "positions against the Syrian and people and government" was posted in Arabic on the Al-Jazeera website early Tuesday afternoon Eastern time, according to Reuters. The message, along with a Syrian flag, remained on the site for most of the afternoon. As of early Tuesday evening, the message had been removed and a default error message was in place.

Disruption to Al Jazeera sites was caused by poisoning of DNS servers owned and run by an external company, Bilal Randeree wrote on Twitter. His profile indicates he is a social media and Web editor for Al Jazeera English. "They've fixed it, tho may take a while for some visitors," Randeree wrote late Tuesday.

The attack appears to have been spurred by the network's coverage of the uprising against Syrian President Bashar al-Assad, which began in March last year. Al-Jazeera has publicly backed the Sunni rebel movement in Syria against Assad's Alawite-led government.

"This is a response to your position against the people and government of Syria, especially your support of the armed terrorist groups and spreading false fabricated news," according to the translation of the message that appeared on the site, provided by Reuters. "Your website has been hacked, and this is our response to you."

Anti-government activists took to Twitter to blame the site's defacing on government loyalists. Some people reported was defaced while remained normal, and others reported seeing the reverse. Others reported just seeing the site timeout. SecurityWeek saw the defaced page on as evidenced by the screenshot below: Hacked

A group called "al-Rashedon," or "the guided ones," claimed responsibility for taking over the site. The group was unknown prior to the attack, but it's not the first online attack by pro-Syrian activists. The blogging platform used by Reuters was breached twice just last month by government loyalists. The attackers posted fake news stories on the site, including one about a Syrian rebel retreat going up on Jeffrey Goldfarb's blog. While no one explicitly claimed credit for the attacks on Reuters, the contents of the fake news stories suggest a pro-Syrian government slant.

Other loyalists are members of the Syrian Electronic Army, an online group which targets media and other sites it sees as sympathetic to the Syrian rebels.

view counter
Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.