14 DAY TRIAL // People trying to access FC Zenit Saint Petersburg's website on Wednesday were greeted by a page slamming two of the city's top politicians, after a hacktivist managed to hijack the club's domain name.
According to Sophos, the page displayed the pictures of Saint Petersburg governor Valentina Matviyenko and parliament speaker Vadim Tyulpanov along with a message that read in part:
"To hell with the party of thieves and pickpockets. They have already destroyed more buildings than the Nazis during the attack on Leningrad between '41 and '44."
The football club, one of Russia's strongest and winner of the 2008 UEFA Cup and Super Cup, announced on Facebook that its website was not hacked.
"The problems with our website are not caused by a hacker attack. They are connected to problems with the DNS of our domain name's registrar," the announcement said.
The chances of the registrar's DNS servers malfunctioning and pointing to a political protest page by coincidence are extremely low. It's much more likely that the domain was hijacked.
This type of compromise is not uncommon and it happened to much bigger websites. For example, the domain name of Russia's largest payment processor, ChronoPay, was hijacked in December to steal credit card information.
Such attacks can also serve as a starting point for a more serious breaches. Just like week, a hacker hijacked the personal domain name of Stephen Toulouse, Microsoft's director of policy and enforcement for Xbox LIVE.
This gave him access to the official's email address on that domain and allowed him to reset the password on the victim's Xbox LIVE account, which was the actual target of the compromise.
Other companies that had their domain names hijacked include Twitter, China's largest search engine Baidu, vulnerability research company Secunia, Google Bangladesh and Comcast.
These hijackings are usually achieved via social engineering by tricking registrar employees into handing over control of the domains to the attacker.