The anonymous hacking group OurMine recently hacked WikiLeaks, the data-leaking site owned by Julian Assange. Visitors to the website were redirected to a page that claimed the attack was a response to a challenge from WikiLeaks to hack them. The message on the redirected page said, “Hi, it’s OurMine (Security Group), don’t worry we are just testing your…. blablablab, oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you? Anonymous, remember when you tried to dox us with fake information for attacking WikiLeaks? There we go! One group beat you all! #WikileaksHack let’s get it trending on twitter!” This is the third time OurMine hackers have breached WikiLeaks, after the two distributed denial-of-service (DDoS) attacks in December 2015 and July 2016.
The attack by OurMine hackers seems to be a low-tech affair, as the security breach was carried out by “DNS poisoning” through WikiLeaks’ domain provider. DNS poisoning attacks alter the records on the actual DNS servers so that the website’s name points to a different server, to which visitors are redirected. Apparently, WikiLeaks’ own servers were not breached.
The hacks by OurMine generally follow the same style. The attackers find reused passwords from previously compromised accounts and test them on different services until they find one that works. The group then posts a message claiming the attack was meant to test the victim’s security and links to the hackers’ website, which offers penetration testing from $30.
After the recent WikiLeaks attack, one member of OurMine tweeted, “they challenged us to hack them about a few months ago, and we’ve been working on this hack for a very long time, and finally we did it! It’s hacked! … We are working to obtain new secret things/emails from WikiLeaks but for now, we are only able to receive new messages that have been sent to [the Wikileaks press contact].”
Other than WikiLeaks, the OurMine group has hacked the social media accounts of Mark Zuckerberg, Dick Costolo, Jack Dorsey and Sundar Pichai, and websites like BuzzFeed. The group has also breached the Twitter accounts of FC Barcelona, Real Madrid C.F., and HBO.