Hacktivist use fax to compromise AVG, Avira and others

How were the web sites of AVG, Avira, computer security toolkit Metasploit, and mobile messaging outfit WhatsApp hacked? In at least one case, the hackers were able to alter the DNS settings simply by sending a fax asking to reset the password.

The DNS records of the aforementioned sites were redirecting people to a website playing the Palestinian national anthem and displaying a political message under the title "You Got Pwned".

In a statement, Web.com - which owns Network Solutions that manages the DNS for AVG and others - promised to hire new staff and improve its security practices:

We have been in contact with the limited number of affected customers and have since resolved the issue. We value every customer, appreciate the trust they place in us for their online needs and continue to work hard to eradicate the attacks that harm our customers and the web ecosystem.

The company has taken measures to address the persistent threat of cybercrime, including increasing personnel, implementing best-of-breed front-line and mitigation solutions, regularly engaging third party experts and partners and reviewing and enhancing critical systems.

While no business is immune to cybercrime in today’s web environment, our goal is to create a safe, secure and reliable environment for all of our customers.