Craigslist DNS Hijacked, Redirected at Infamous “Prank” Site for Hours

Around 5:00pm PST on November 23, the Domain Name Service records for at least some of the sites hosted by the online classified ad and discussion service Craigslist were hijacked. At least some Craigslist visitors found their Web requests redirected toward an underground Web forum previously associated with selling stolen celebrity photos and other malicious activities.

In a blog post, Craigslist CEO Jim Buckmaster said that the DNS records for Craigslist sites were altered to direct incoming traffic to what he characterized as “various non-craigslist sites.” The account was restored, and while the DNS records have been corrected at the registrar, some DNS servers were still redirecting traffic to other servers as late as this afternoon.

Craigslist’s domain registrar is Network Solutions, which is owned by Web.com. [Update, 5:32 PM EST November 24: John Herbkersman, a spokesperson for Web.com, told Ars,“The issue has been resolved. At this time we are continuing to investigate the incident.”]

Read 4 remaining paragraphs | Comments