A hacking group named to be “OurMine” has managed to hack and deface the official website of WikiLeaks earlier today. OurMine hackers had left the following message on its deface page:

Hi, it’s OurMine ( Security Group ), don’t worry we are just testing your…. blablablab, Oh wait, this is not a security test! Wikileaks, remember when you challenged us to hack you?

Anonymous, remember when you tried to dox us with fake information for attacking wikileaks? https://twitter.com/YourAnonNews/sta...72812013301762

There we go! One group beat you all! #WikileaksHack let’s get it trending on twitter!

Www.OurMine.Org | contact@ourmine.org

The Twitter link status shared on the deface page can be found below:

https://twitter.com/YourAnonNews/sta...72812013301762

https://thehackpost.com/wp-content/u...aks-Hacked.png

Upon investigating the hack, it appears that the WikiLeaks domain “wikileaks.org” name had hacked. According to the domain’s WHOIS information, it had been updated today on “2017-08-31T06:30:15Z”. This surely means that domain details had been updated earlier today.

https://cdn.thehackpost.com/wp-conte...IS-768x664.png

OurMine hackers some how managed to gain access to wikileaks.org domain and changed its DNS nameservers to a server that was controlled by the hackers. The server I.P in control of the hacker is 181.215.237.148. While visiting the I.P address mentioned, the deface page has appeared just as it appeared on the WikiLeaks domain.

https://cdn.thehackpost.com/wp-conte...aks-DNS-IP.png

It’s still unclear how OurMine hackers gained access to the wikileaks.org domain. Although the following methods may have been used to gain control:

  1. OurMine may have gained access to the WikiLeaks domain registry Dynadot.com
  2. OurMine may have social engineered WikiLeaks domain registry, by fooling one of their staffs to change its nameservers.
  3. OurMine may have hacked one of the registries staff accounts.
  4. OurMine may have hacked WikiLeaks domain owner itself.


At the time of publishing this article, the WikiLeaks website remained defaced in many countries. However, the website was accessible via VPN at different countries. However, we aren’t sure till when the site would remain offline. According to social media users, the website had been defaced for more than 2 hours.