Sucuri nbim: twitter.com DNS modified
< twitter.com has address 184.108.40.206
< twitter.com has address 220.127.116.11
> twitter.com has address 18.104.22.168
This alert was generated by the Sucuri Network Integrity Monitor. Log in to your dashboard at http://sucuri.net.
So we can see that it was indeed a DNS redirection attack and that probably their servers weren’t attacked directly.
If you are curious were they are hosting their DNS, here it is:
Domain Name: TWITTER.COM
Registrar: NETWORK SOLUTIONS, LLC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: NS1.P26.DYNECT.NET
Name Server: NS2.P26.DYNECT.NET
Name Server: NS3.P26.DYNECT.NET
Name Server: NS4.P26.DYNECT.NET
Updated Date: 27-may-2009
Creation Date: 21-jan-2000
Expiration Date: 21-jan-2018
If you tried to access their services last night, we recommend changing your password ASAP. If you want to monitor your own domain names for this kind of issue (for free), visit http://sucuri.net