纽约时报网站和Twitter被黑客钓鱼改了域名(图)

　　新华网8月30 日电据科技博客网站Gizmodo报道，纽约时报网站和社交网站Twitter相继被自称是叙利亚电子军的黑客攻占域名，随后他们的域名注册商澳大利亚的墨尔本IT也难于幸免。不过，Gizmodo网站刊文认为这三次黑客攻击手段并不高明，只是利用钓鱼邮件获取密码才得手的，只能算是小打小闹。

　　正如我们早些时候所推测，昨天攻占Twitter和纽约时报网站域名的黑客并没有用“强攻”也没有用啥高明的手段。《洛杉矶时报》报道称，自称为叙利亚电子军的黑客利用钓鱼邮件获得墨尔本IT好几个员工的用户名和密码，这家公司正是为NYTimes.com和Twitter.com提供域名注册服务的公司。这件事警告我们接收邮件时要谨慎。

　　墨尔本IT是一家澳大利亚的域名注册商，也被黑了，显然是同一黑客所为，即叙利亚电子军。昨天Twitter与纽约时报网站相继被攻击，这家提供域名注册的公司被黑是在意料之中的事。

　　周三小编尝试登录墨尔本IT的主页（www.melbourneit.com.au)），结果出来是一个空白的网页（如上图所示），页面上端写着一行字：“被叙利亚电子军攻击，您的服务器安全系数非常低。”鉴于昨天的黑客事件，主页被黑也是显而易见的。墨尔本IT是纽约时报网站和Twitter网站的域名注册商，叙利亚电子军利用所截获的证书修改了两个网站的域名设置。所以，不管到底是谁发动了这次黑客行动，不管是不是自称为叙利亚电子军的黑客，他们只是利用了稍稍利用了下权限就拉黑了墨尔本IT的网站。

　　
　　这三起黑客事件算在一起，其实没有造成多大的伤害。纽约时报网站和Twitter几个小时内就从黑客袭击中复原，相信澳大利亚的域名注册商也很快的恢复原状了。不过，估计好戏还在后头，叙利亚电子军还会发动更多类似这样的“小打小闹”，你就拿好爆米花，准备看好戏吧。

　　译者：张艺

　　百度新闻与新华网国际频道合作稿件，转载请注明出处。

　　Yup, the NYTimes and Twitter Outages Started With Simple Phishing

　　As we strongly suspected earlier, the hackers that briefly took over the Twitter and New York Times domains yesterday didn"t use brute force or fancy hacks to get in. The LATimes reports that the Syrian Electronic Army used phishing emails to get username and password credentials for several employees Melbourne IT, the registrar for both NYTimes.com and Twitter.com. Be careful what emails you click!

　　Melbourne IT, an Australian domain name registration, just got hijacked, apparently by the very busy Syrian Electronic Army. This shouldn"t be a surprise since it"s the same company that was implicated in Tuesday"s New York Times and Twitter hacks.

　　Attempting visit Melbourne IT"s homepage (www.melbourneit.com.au) on Wednesday morning showed a blank white page with one line of text at the top: "Hacked by SEA, Your servers security is very weak." This should"ve been obvious given the hacks from the day before. Apparently, Melbourne IT is the registrar for NYTimes.com and Twitter.com, and its credentials were used to change the domain settings for the two domains. So whoever was doing the hacking—and the Syrian Electronic Army is taking credit—just exploited their access a little more to pull down Melbourne IT"s site.

　　As with the other hacks, it doesn"t look like anybody really got hurt here. The Times and Twitter both recovered from their hacks within a few hours and there"s no reason the Australians won"t do the same. There"s also no reason to believe the Syrian Electronic Army is going to stop these little attacks, so get your popcorn. [Twitter] (来源：新华国际)

https://news.sohu.com/20130830/n385431743.shtml news.sohu.com false 新华网 https://news.xinhuanet.com/world/2013-08/30/c_125273917.htm report 3212 新华网8月30日电据科技博客网站Gizmodo报道，纽约时报网站和社交网站Twitter相继被自称是叙利亚电子军的黑客攻占域名，随后他们的域名注册商澳大利亚的墨