Twitter hacked, attacker claims Iran link

BOSTON/WASHINGTON (Reuters) - A computer hacker briefly hijacked on Thursday, redirecting users to a website and claiming to represent a group calling itself the Iranian Cyber Army.

A Twitter page is displayed on a laptop computer in Los Angeles October 13, 2009. REUTERS/Mario Anzuoni

Twitter, which in June became a key communication channel for Iranian protesters disputing the country’s election results, said it was disrupted for a little more than an hour.

Twitter’s home page was replaced with one whose headline read “This site has been hacked by Iranian Cyber Army” and an anti-American message.

“The motive for this attack appears to have been focused on defacing our site, not aimed at users,” Twitter said on its blog. “We don’t believe any accounts were compromised.”

Security experts said it was the first time attackers have succeeded in hijacking a major social-networking website.

It was unlikely that the Iranian government was involved, despite its dislike of social networking sites and years of discord with the United States over its nuclear program, experts said.

A screen shot posted in a number of websites, including TechCrunch, shows the message written in red, set above a green flag. An e-mail sent to the address on the redirected Web page was returned.

The hacker or hackers got credentials to redirect Twitter’s traffic to a bogus site, according to Dyn Inc, a company based in New Hampshire that directs that traffic for Twitter.

The attackers did not hijack accounts of the company’s other customers, Dyn Vice President Kyle York said. “This was an isolated incident,” he said.

Twitter, which allows people to broadcast 140-character messages to cell phones and on the Web, got caught up in Iranian politics earlier this year.

The U.S. State Department urged Twitter to delay maintenance that would have interrupted the site’s service during the peak of the demonstrations.

As for Thursday’s attack, a source close to the Department of Homeland Security said the Iranian government was likely not involved because of the unsophisticated nature of the work.

James Lewis, a cybersecurity effort with the think tank Center for Strategic and International Studies, said the attack might have come from a group that supports Tehran.

“This is ham-handed so it’s probably not the Iranian government. It could be sympathizers,” said Lewis.

The Iranian government would have been more likely to hack Twitter during protests or other upheaval when the site was being used by dissidents, he said.

Reporting by Jim Finkle in Boston and Diane Bartz in Washington. Additional reporting by A.Ananthalakshmi in Bangalore. Writing by Paul Thomasch; Editing by Steve Orlofsky, Gary Hill and Robert MacMillan