14 DAY TRIAL // Rapid7 representatives have clarified that it wasn’t a spoofed DNS change request fax that led to Rapid7.com and Metasploit.com being hijacked by pro-Palestinian hackers of KDMS Team.
Initial reports from Rapid7 revealed that a spoofed DNS change request sent by fax to Register.com led to the domains being hijacked. However, after further investigations, Register.com determined that the hackers social engineered an employee into handing over legitimate credentials.
The credentials were used to access the registrar’s systems and change the DNS records.
Rapid7 is not the only company impacted by the breaches suffered by Register.com and Network Solutions (both owned by Web.com). The hackers have defaced the websites of AVG, WhatsApp, Avira, ESET, Bitdefender, Alexa, LeaseWeb, and they’ve also tried to hijack the domain of Avast.
KDMS Team has been quiet over the past couple of days. However, they’ve warned that their campaign to raise awareness of the situation in Palestine is far from being over.