How Baidu Was Hacked. This is Borderline Unbelievable…

How Baidu Was Hacked. This is Borderline Unbelievable…

Picture 51We were the first publication to report that Baidu, China’s most popular search engine, had been hacked.

The site’s DNS had been redirected and had you visited the site on January 12th through to the 14th, you would have seen “Iranian Cyber Army” plastered all over it(right).

You can read full details of the event here.

Later, Baidu sued for allegedly allowing a security intrusion that enabled the hackers to change the sites name servers. Today published the complaint documents of the case.

This is the part where it gets unbelievable. It transpires that the hacker, claiming to be an agent of Baidu, started an online chat with tech support at and asked to change the email address on file for communication with Baidu. The representative of then sent the imposter a security code that he had to provide. Because he of course had no access to the Baidu account he provided an incorrect code, but the person did not compare the code to the one that was sent out.

Then the email address was changed from an official address to an address that clearly did not belong to Baidu: [email protected] It has “danger” written all over it and significantly, wahabi is the name of a Muslim sect. From then onwards, everything was easy for the hackers and the DNS was changed.

Shortly after, Baidu contacted through an online chat, but refused to help. Baidu tried to call but was not able to reach anybody. It took a full 2 hours before Baidu was able to speak to anyone from the company and resolve the DNS issues, and almost two days before everything had returned to normal.

How on earth the hacker managed to convince this tech support person to change the email address, I’ll never understand. Baidu will have lost millions because of the outage, but if the details are correct, are going to be left out of picking up the tab.

Wonder where that support employee is now.

Via Marc van der Chijs’s Blog.

Read next: Forget Chatroulette...It's all about Catroulette!