Twitter hacked, attacker claims Iran link

BOSTON/WASHINGTON Fri Dec 18, 2009 5:37pm EST

A Twitter page is displayed on a laptop computer in Los Angeles October 13, 2009. REUTERS/Mario Anzuoni

A Twitter page is displayed on a laptop computer in Los Angeles October 13, 2009.

Credit: Reuters/Mario Anzuoni

Related Topics

BOSTON/WASHINGTON (Reuters) - A computer hacker briefly hijacked Twitter.com on Thursday, redirecting users to a website and claiming to represent a group calling itself the Iranian Cyber Army.

Twitter, which in June became a key communication channel for Iranian protesters disputing the country's election results, said it was disrupted for a little more than an hour.

Twitter's home page was replaced with one whose headline read "This site has been hacked by Iranian Cyber Army" and an anti-American message.

"The motive for this attack appears to have been focused on defacing our site, not aimed at users," Twitter said on its blog. "We don't believe any accounts were compromised."

Security experts said it was the first time attackers have succeeded in hijacking a major social-networking website.

It was unlikely that the Iranian government was involved, despite its dislike of social networking sites and years of discord with the United States over its nuclear program, experts said.

A screen shot posted in a number of websites, including TechCrunch, shows the message written in red, set above a green flag. An e-mail sent to the address on the redirected Web page was returned.

The hacker or hackers got credentials to redirect Twitter's traffic to a bogus site, according to Dyn Inc, a company based in New Hampshire that directs that traffic for Twitter.

The attackers did not hijack accounts of the company's other customers, Dyn Vice President Kyle York said. "This was an isolated incident," he said.

Twitter, which allows people to broadcast 140-character messages to cell phones and on the Web, got caught up in Iranian politics earlier this year.

The U.S. State Department urged Twitter to delay maintenance that would have interrupted the site's service during the peak of the demonstrations.

As for Thursday's attack, a source close to the Department of Homeland Security said the Iranian government was likely not involved because of the unsophisticated nature of the work.

James Lewis, a cybersecurity effort with the think tank Center for Strategic and International Studies, said the attack might have come from a group that supports Tehran.

"This is ham-handed so it's probably not the Iranian government. It could be sympathizers," said Lewis.

The Iranian government would have been more likely to hack Twitter during protests or other upheaval when the site was being used by dissidents, he said.

(Reporting by Jim Finkle in Boston and Diane Bartz in Washington. Additional reporting by A.Ananthalakshmi in Bangalore. Writing by Paul Thomasch; Editing by Steve Orlofsky, Gary Hill and Robert MacMillan)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (13)
msk1361 wrote:
The hacked Iranina opposition site is:
www.mowjcamp.com
the site is damaged and the real team may be arrested because the have announced in their temporary address “www.mowjcamp.ws” that they can not continue their work.

Dec 18, 2009 9:39am EST  --  Report as abuse
ripw4 wrote:
puncuation should always be inside the quotation marks. “Iranian Cyber Army?” not “Iranian cyber army”?

Dec 18, 2009 10:19am EST  --  Report as abuse
decode18 wrote:
WTF!

Dec 18, 2009 10:29am EST  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.