Metasploit website hijacked by pro-Palestinian hackers… via fax


Metasploit and fax machineRapid7’s Metasploit is the latest high profile website to fall foul of a pro-Palestinian group of hackers, who hijacked its DNS records.

And it seems the hackers used an old-fashioned fax message to commit their crime.

Metasploit, of course, is used by security professionals around the world to test corporate security systems, and verify that vulnerabilities have been properly fixed.

The KDMS Team managed to trick, who manage the DNS records for, into believing that they were authorised to change them - redirecting anyone attempting to visit the Metasploit site to a different part of the net, under the hackers’ control.

In short, if you attempted to visit your web browser would claim that you were on, but what you would see on the webpage would be very different than what the site’s legitimate owners would want.

Metasploit pwned


Hello Metasploit

After whatsapp , avira, alexa , avg and other sites
We was thinking about quitting hacking and disappear again ..!
But we said : there is some sites must be hacked
You are one of our targets
Therefore we are here ..
And there is another thing .. do you know Palestine?

Earlier this week, WhatsApp, AVG and Avira - whose DNS entries are managed by Network Solutions - were attacked in a very similar manner.

DNS records work like a telephone book, converting human-readable website names like into a sequence of numbers understandable by the internet. If hackers manage to change a site’s DNS records, they can take you to a website that isn’t under the legitimate company’s control.

H D Moore, the Chief Research Officer of Rapid7 and driving force of Metasploit, has described on Twitter how the Metasploit site was hijacked: was hijacked through a spoofed change request FAXED to Hacking like its 1964

Social engineering triumphs for the hackers once again.

The worry is, of course, that if can be fooled so easily into allowing hackers to mess with a site’s DNS entries - they could presumably do it with *any* website using’s services.

Surely companies like and Network Solutions need to be a little wiser about the possible tricks hackers could use to mess with their customers’ web visitors?

Tags: , , , , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , , , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.