Dubai: Traffic to telecom operator etisalat’s website was redirected to a Chinese website early on Thursday.
Etisalat has fixed the issue but not before news broke out on Twitter with many users reporting the incident on social media.
Etisalat site got hacked. It is going to Chinese site now. Some body fix and flush DNS.— Ravi Teja Polina (@RaviTejaPolina) December 18, 2014
@Etisalat 's website seem to have been hacked and defaced. Etisalat.ae and e4me.ae pic.twitter.com/ulkN2Lrtzn— Amro Al Jaberi (@_barthezz_) December 18, 2014
“Someone has managed to compromise the domain name structure (DNS) infrastructure of the internet. Technically it known as ‘DNS cache poisoning’ or ‘DNS spoofing’. He [the attacker] has managed to change the DNS records of etisalat’s website,” Nicolai Solling, director of technology services at help AG, a security solutions provider, told Gulf News.
He said that etisalat did not have vulnerability on its website but its domain name structure (DNS) was "poisoned".
The attacker was able to update the DNS records associated with etisalat.ae. So, when a person logs on to etisalat’s website, it supplies false data to clients.
DNS is like a telecom book and it is a service that translates domain names (etisalat.ae) into IP addresses (192.168.1.101). The DNS server translates alphabets to numbers.
To perform a cache poisoning, Solling said the attacker exploits flaws in the DNS software.
Etisalat hasn’t given any official statement about the incident and did not answer Gulf News queries, but a customer care spokesperson said that the service is back to normal.
Even its payment service platform — e4me.ae — was showing an error message in the morning — “Gateway Timeout. The server did not receive a timely response from the upstream server.”
