Twitter timestamps raise questions about GoDaddy hack attack
Hacker claims credit for the GoDaddy DNS attack without proof and with inconsistent timelines.
Tue, Sep 11, 2012 at 08:02 AM
A tweet from @AnonymousOwn3r claiming responsibility for the GoDaddy hack. (Image: Twitter)
Did a lone hacker take down the entire network of websites hosted by GoDaddy? Or is it just a massive software glitch seized upon by an opportunistic hoaxer?
On Monday, Sept. 10, thousands, possibly millions, of websites hosted by GoDaddy suddenly became unreachable. Even the main GoDaddy website returned an error.
It's not clear exactly when the GoDaddy-hosted sites went offline, but at 10:46 a.m. Pacific time (1:46 p.m. Eastern), a single Twitter account with the handle @AnonymousOwn3r claimed responsibility.
"#tangodown http://www.godaddy.com/ by @AnonymousOwn3r," he or she tweeted. About 20 minutes later, he wrote, "Hello http://godaddy.com/ now yes! all servers #tangodown by @AnonymousOwn3r."
The account holder gave no explanation about how a single person could have knocked out the entire GoDaddy network.
Several tech-news websites reported the GoDaddy outage as an apparent attack, based on @AnonymousOwn3r's Twitter feed.
Nice story, but there's just one question…
However, if Twitter's confusing timestamps can be interpreted correctly, GoDaddy's own Tweet admitting a problem with the website came 11 minutes before @AnonymousOwn3r's claim of responsibility.
"Status Alert: Hey, all. We're aware of the trouble people are having with our site. We're working on it," said the @GoDaddy account at what was timestamped 12:35 p.m. — which appears to be 1:35 p.m. Eastern time.
It's not clear exactly what time zone GoDaddy's Twitter account is set to, but it appears to be following Central Daylight Time. (GoDaddy is based in Scottsdale, Ariz., which in mid-September would be on the equivalent of Pacific Daylight Time.)
Reports from around the Web indicated that not only GoDaddy-hosted websites, but also GoDaddy-hosted email services, were down, indicating a problem with GoDaddy's Domain Name System (DNS) servers.
DNS servers are the "telephone books" of the Internet and translate URLs and email addresses into the numerical systems computers and routers users.
I'm king of the world!
At 3:04 p.m. (4:04 p.m. Eastern), @GoDaddy tweeted, "Update: Still working on it, but we're making progress. Some service has already been restored. Stick with us."
Meanwhile, @AnonymousOwn3r was still reposting congratulations from other hackers and trying to convince Christina Warren, a reporter from social-networking news site Mashable, that he was king of all hackers.
"The epicness of this sort of hack cannot be denied. I mean, hot damn. That’s a huge get," wrote Warren, under her @film_girl handle. "Were you able to take down the whole block of DNS servers?"
"Yes! It's not so complex," replied @AnonymousOwn3r without offering any proof.
Related on SecurityNewsDaily: