OurMine is in headlines once again—this time for defacing WikiLeaks website.
The notorious hacking group, OurMine, is known for breaching into high-profile figures and companies’ social media accounts, including Facebook CEO Mark Zuckerberg, Twitter CEO Jack Dorsey, Google CEO Sundar Pichai, HBO, Game of Thrones and Sony’s PlayStation Network (PSN).
According to screenshots circulating on Twitter, the official website of WikiLeaks has reportedly been defaced by the OurMine hacking group, who left a message on the site, as shown above.
WikiLeaks is a whistleblowing website that since March, has been revealing top CIA hacking secrets under Vault 7, including the agency’s ability to break into different mobile and desktop platforms, security camera live video streams, air-gap computers and many more.
There is no indication of WikiLeaks servers and website been compromised, instead it seems their website has been redirected to a hacker-controlled server using DNS poisoning attack.
In DNS poisoning attack, also known as DNS spoofing, an attacker gets control of the DNS server and changes a value of name-servers in order to divert Internet traffic to a malicious IP address.
Shortly after the defacement, the site administrators regained access to their DNS server and at the time of writing, the WikiLeaks website is back online from its official legitimate servers.
OurMine is a Saudi Arabian group of hackers which claims to be a “white hat” security firm.
The group markets itself by taking over social media accounts of high-profile targets and then encourages them to contact the hacking group to buy its IT security service in an effort to protect themselves from future cyber attacks.