Secunia Was Owned or DNS/domain hijacked?

Today Morning Secunia website was out of service and the reason of this service disruption is a DNS-attack. Many users thought that the website was compromised by hackers but that was not the case, the attack was made on the DNS server by redirecting users attempting to enter Secunia website to Hackers Website IP address.

On the hackers website you can find the following :

Sans have recived some reports from people about this incident they found that the site web located at the following IP address:

$ host is an alias for has address mail is handled by 0

while previously was at

And by running telnet on the original Secunia’s web site the server is still running:

$ telnet 80
Connected to (
Escape character is ‘^]’.
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Thu, 25 Nov 2010 08:46:29 GMT
Server: Apache

This is not the first DNS attack we read about in the news there were a big number of incidents that are related to the DNS record and it is now very important to start using and implementing the DNSSec to protect the DNS servers.

make sure you subscribe to my RSS feed!