A hacker who took down top Chinese search engine Baidu.com last month broke into its account with a U.S. domain name registrar by pretending to be from Baidu in an online chat with the registrar’s tech help, according to a lawsuit filed by Baidu. […]
The attack began on the afternoon of Jan. 11 when the hacker contacted Register.com tech help via online chat and claimed to be from Baidu, the complaint alleges. The attacker asked a support representative to change Baidu’s e-mail address on file. The representative then sent a confirmation code to Baidu’s e-mail account even though the hacker answered a security question incorrectly, the complaint alleges.
The attacker could not access Baidu’s e-mail account, so instead made up a confirmation code and sent it to the support representative when asked, the complaint alleges. Without comparing the two codes, the support representative took the bogus answer to be correct and agreed to the attacker’s request to change Baidu’s e-mail address on file to "email@example.com", the complaint alleges.
"Incredibly," the complaint says, Register.com "thus changed the e-mail address on file from one that was clearly a business address and contained the name of the account owner, to an e-mail address that conveyed a highly politically charged message (‘antiwahabi’), with the domain name (‘gmail.com’) of a competitor of Baidu, at the request of an individual who not only could not produce the correct security verification, but actually produced false information twice."
It’s unclear exactly what ‘antiwahabi’ refers to, but the spelling matches that of the strict Wahabi Muslim religious sect. Baidu did not immediately reply to a request for comment.
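The two failures alleged in the complaint, a confirmation code sent after a wrong security answer and a made-up code accepted without comparison, are both checks that software can enforce rather than leaving to a support representative. The sketch below is an added example, not Register.com's system or anything from the complaint; the class, method names and the three-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

MAX_CODE_ATTEMPTS = 3  # assumed policy value, not taken from the article


class EmailChangeRequest:
    """One request to change the contact e-mail on an account (hypothetical model)."""

    def __init__(self, email_on_file, security_answer):
        self.email_on_file = email_on_file
        self._answer = self._digest(security_answer)
        self._code = None            # digest of the issued code, never the code itself
        self.question_passed = False
        self.attempts = 0
        self.locked = False

    @staticmethod
    def _digest(value):
        return hashlib.sha256(value.strip().lower().encode()).digest()

    def answer_security_question(self, answer):
        # A wrong answer locks the request, so no code can be issued afterwards.
        if self.locked:
            return False
        self.question_passed = hmac.compare_digest(self._digest(answer), self._answer)
        self.locked = not self.question_passed
        return self.question_passed

    def issue_code(self, send):
        # The code is generated here and goes only to the address already on file.
        if self.locked or not self.question_passed:
            raise PermissionError("security question not passed")
        code = f"{secrets.randbelow(10**8):08d}"
        self._code = self._digest(code)
        send(self.email_on_file, code)

    def confirm(self, supplied_code, new_email):
        # The system compares the codes; a representative cannot wave one through.
        if self.locked or self._code is None:
            return False
        self.attempts += 1
        if hmac.compare_digest(self._digest(supplied_code), self._code):
            self.email_on_file, self._code = new_email, None
            return True
        self.locked = self.attempts >= MAX_CODE_ATTEMPTS
        return False
```

The representative's tool would call only these three methods, so the address on file changes only inside `confirm` after a successful comparison.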