Iranian hackers brought down Baidu, China’s biggest search engine, this morning, and battle ensued – but nobody has any idea why.
Baidu is now up and running again, after a three and a half-hour period when it redirected to an Iranian Cyber Army site displaying the Iranian flag. While this seems to indicate support for the Iranian government, Baidu doesn’t appear to have done anything to antagonise Iran.
Users don’t appear to have been infected with any malware as a result of the attack.
“It’s not presently clear whether Baidu’s site itself was compromised or, as in the case with the Twitter attack, its DNS records,” said Sophos senior technology consultant Graham Cluely.
“If the website’s DNS records were breached then the hackers would have been able to redirect users who typed www.baidu.com into their browser to a webserver under their control.”
The attack has sparked retaliation from Chinese hackers, at rather random targets – possibly because most Iranian websites are in Farsi.
At PC supplier Room98’s website the server is down and a message reads: “I’m very sorry for this Testing!… This morning your Iranian Cyber Army intrusion our baidu.com… So i’m very unfortunate for you.. Don’t intrusion chinese website about the United States authorities to intervene the internal affairs of Iran’s response… This is a warning!”
It’s signed by the Honker Union for China, a nationalist union of hackers which has also attacked websites in the US.