A site outage and redirection on LinkedIn’s site Wednesday night blamed on a DNS problem has security experts and users worried that the networking site’s DNS records may have been compromised, along with those of several other sites. But it appears the issue may have been caused by a simple mistake.
Sometime on Wednesday evening, users began noticing that the main LinkedIn site was redirecting them to a different domain. Other visitors couldn’t reach the site at all. Security and Web monitoring sites began reporting that LinkedIn’s DNS records were pointing to a different domain: confluence-networks.com. The most likely explanation is that the company was the victim of a DNS hijacking attack, a tactic that attackers use to redirect large numbers of users to a malicious site they control or a compromised legitimate site.
The DNS redirection and site outage appears to have lasted for a couple of hour Wednesday night, and LinkedIn officials posted a message on Twitter shortly before 10 p.m. EDT saying they were aware of the issue.
“Our site is now recovering for some members. We determined it was a DNS issue, we’re continuing to work on it. Thanks for your patience,” the message said.
The DNS issue may not have been limited to LinkedIn, either. Several other domains had their DNS records pointing to the Confluence-Networks IP range at some point Wednesday night, as well. Confluence, a co-location and hosting company, posted a message on its home page saying that it had investigated the problem and found that it was not the result of a security issue.
“Starting few hours ago, we received reports about some sites (including linkedin.com) pointing to IPs allotted to our ranges. We are in touch with the affected parties & our customer to identify the root cause of this event,” the message says. “Note that it has already been verified that this issue was caused due to a human error and there was NO security related issue caused by the same. More details will be provided shortly.”