Hackers wipe out all of News International's websites

LulzSec returns with a massive attack against News International's websites, including national newspapers

Barry Collins
19 Jul 2011

Updated at 7:30am LulzSec has come out of retirement to take on News International, leading to all of the company's websites being taken offline.

The hacking group launched its attack on News International late last night, redirecting visitors to TheSun.co.uk to a spoof news story reporting the death of News Corp CEO Rupert Murdoch. The website was later redirected to the hacking group's Twitter page.

Spoofed Sun

By the early hours of the morning, the attack had escalated to the rest of News International's websites. At the time of writing the websites of The Sun, The Times and The Sunday Times were all down, along with the rest of the company's web properties. The attack also appears to be affecting The Times iPhone and iPad apps, although it isn't clear if the sites were taken offline by News International or by the hackers.

A message on the the LulzSec Twitter account claims "News International's DNS servers (link web addresses to servers) and all 1,024 web addresses are down".

The LulzSec and other Twitter accounts associated with hackers were also distributing login details and mobile phone numbers of staff from News International titles, allegedly including those of Rebekah Brooks. Another Twitter feed associated with the group claimed to have hacked a server owned by the now-defunct News of the World, calling on police to investigate the mail server.

The LulzSec hackers quit their "anti-security" operation last month, but have apparently returned to target News International following the phone-hacking scandal.

How the attack worked

The initial attack apparently exploited a flaw in a little-used server established when The Times erected its paywall, according to a report on The Guardian website. This allowed the hackers to plant some JavaScript code in a "breaking news" iFrame on the Sun's website, redirecting users to the fake news story and subsequently LulzSec's Twitter page.

That flaw also gave the hackers access to various News International login details and databases, allowing the attackers to wreak further havoc.

It is thought the hackers subsequently launched an attack on the company's DNS servers, which translate web addresses (i.e. www.thesun.co.uk) into the IP address of the website involved. Both of News International's DNS servers are operated in-house, according to reports, making it easier for the hackers to take down the company's websites.

News International was unavailable for comment at the time of publication.

Read more about: