Users reported seeing a banner for the "Iranian Cyber Army," complete with an Iranian flag and a shattered Star of David, when they tried to access Baidu's home page Tuesday.
The company when contacted said that they were looking into the matter.
Users of Twitter will remember that a month ago the same thing was seen on Twitter. When the site was down and a message posted by the "Iranian Cyber Army". With a complete black screen showing the Iranian flag and a shattered stat of David.
According to security experts, Baidu's domain name records appear to have been tampered with. On Monday, the company was using domain name servers belonging to HostGator, a Florida ISP, instead of the Baidu.com nameservers the company normally uses. "It looks like their domain account credentials may have been snagged," said Paul Ferguson, a researcher with the antivirus vendor Trend Micro.
That's the same technique that was used to hijack Twitter, when Iranian Cyber Army hackers were apparently able to log in to the account used to manage Twitter's DNS records and redirect visitors to another Web server that posted a message similar to the one spotted on Baidu.com. That attack knocked Twitter offline for more than an hour.
Baidu's domain name registrar, Register.com, could not be reached immediately for comment.