Craigslist users visiting the site on Sunday evening were unwittingly redirected to several other sites as a result of a DNS hijack, the company has confirmed.
Jim Buckmaster, CEO of the online listings giant, claimed the attack occurred at around 5pm PST on Sunday evening – with DNS records compromised and visitors diverted to “various non-craigslist sites.”
He added, in a blog post:
“This issue has been corrected at the source, but many internet service providers (ISPs) cached the false DNS information for several hours, and some may still have incorrect information.
If you are unable to reach the craigslist site, please ask your network provider or tech staff to flush all *.craigslist.org and *.craigslist.com entries (A,CNAME,SOA) from their DNS servers.”
One site many users seem to have been diverted to is Digital Gangster, a members-only web forum apparently run by rapper and former hacker Bryce Case, Jr.
He will be one of the key suspects for many, especially as his alter ego, YTCracker, was responsible for the hacking the websites of three US government agencies including NASA's Goddard Flight Center 15 years ago to the day Sunday’s redirects occurred.
That particular attack was apparently launched to warn the US government and military that it wasn’t defending its systems adequately. However, there’s not much in the way of motive apart from publicity-seeking which would implicate the same perpetrator in Sunday’s attacks.
Ironically Digital Gangster was apparently unable to cope with the huge surge in traffic that the DNS hijack led to and promptly went down for many.
Some were redirected to what appears to be a half-finished animated YouTube video of Case Jr’s tune Introducing Neals.
DNS hijacking is, of course, particularly popular with the Syrian Electronic Army which has used the technique in the past to further its hacktivism aims by redirecting sites such as the New York Times to its own domains.