Court Approves Baidu Lawsuit Against Domain Register for Iranian Cyber Army Hack

This was written by Michael W. Cheek on Friday, July 23, 2010, 9:47.

A U.S. judge has approved the lawsuit filed by Chinese search engine giant Baidu against its domain register following a cyber attack which occurred in January.

The suit follows the attacks in January which were attributed to a group calling themselves the “Iranian Cyber Army.” Baidu alleges that Register.com gave the hackers access to Baidu’s account when the hackers called the register claiming to be employees of Baidu.

The hackers were then able to change the server number, redirecting users attempting to access the search engine to a site with political messages, according to the BBC.

“It’s like somebody going into the telephone book and changing your phone number,” Graham Cluley of Sophos said.

The search engine claims it lost millions of dollars because of the hack and filed seven lawsuits against the domain register. The U.S. judge allowed two of the suits.

“I hold that Baidu has alleged sufficient facts in its complaint to give rise to a plausible claim of gross negligence or recklessness,” Judge Denny Chin said.

The trial will begin next month in New York. Cluley said it was fortunate the hack didn’t have more serious repercussions.

“Rather than displaying propaganda [the website] could have installed malware or spyware,” he said. “Baidu in China is extremely popular – it could have infected a lot of computers.”