Fluffi Bunni UK web hack hits thousands

Thousands of UK websites had their traffic redirected this morning by hacker Fluffi Bunni, with surfers treated instead to a rant against both religion and US economic imperialism.

On the redirected page, Fluffi Bunni asks "for Mr Bin Laden and $5m in a brown paper bag" in exchange for repairing the hack. He redirected traffic by cracking a domain name system server belonging to UK registrar NetNames.

Jonathan Robinson, chief executive at NetNames, confirmed to vnunet.com: "We became aware of a problem shortly before nine o'clock this morning. We have many thousands of clients and it became clear that the majority had been affected.

"Consequently, we shut down the servers for all our clients at nine thirty this morning for restoration. They were back up by 10 o'clock."

One victim told vnunet.com: "We're pissed off, but the domain affected was relatively minor for us. There's likely thousands of small to medium sized enterprises which have had their main page hit and will have lost a lot of traffic."

Mark Read, network security analyst at MIS-CDS, said: "The finger has to point at NetNames. Someone there has not been doing their job properly."

However, NetNames has denied that the incident was the result of a failure on their behalf to fix any known security exploits, such as a weakness in Bind, the software used to translate web addresses into the IP numbers used by servers.

Robinson said: "We won't be revealing exactly what the problem was for security reasons. However, I can confirm that it was not due to any failure to fix a known exploit. No system is 100 per cent secure."