Baidu hacker lawsuit can proceed in US court

Jul 22, 2010
A picture shows the logo of Baidu on its headquarters in Beijing. A US judge ruled Thursday that Baidu has a "plausible" legal case against a domain registry firm that let hackers commandeer the Chinese Internet search giant's website.

A US judge ruled Thursday that Baidu has a "plausible" legal case against a domain registry firm that let hackers commandeer the Chinese Internet search giant's website.

Chin backed two of seven claims made against in a suit filed in January.

In a partial victory for domain name company Register.com, US District Judge Denny Chin dismissed five of seven claims Baidu made against the firm, including breach of contract, complicity in and aiding trespass. He only backed two of Baidu's counts against Register.

"I hold that Baidu has alleged sufficient facts in its complaint to give rise to a plausible claim of gross negligence or recklessness," Chin said in his ruling.

"If these allegations are proven, then Register failed to follow its own security protocols and essentially handed over control of Baidu's account to an unauthorized intruder, who engaged in cyber vandalism."

Hackers launched a cyber-attack on Baidu on January 11 by gaining access to the search firm's account at Register, in a move the firm said cost it millions of dollars.

For about five hours, Baidu traffic was rerouted to a Web page showing an Iranian flag; a broken Star of David, and a written message stating "This site has been hacked by the Iranian Cyber Army."

Baidu is the world's third largest and is reported to control more than 70 percent of the Chinese-language market.

Hackers seized the Baidu account by duping a Register tech support worker into changing the email address that Baidu had on file at US-based Register, legal documents maintained.

The Register support worker asked the imposter for security verification information but didn't bother to check whether it was correct as required by Register policy, according to court paperwork.

The hacker later pretended to forget the Baidu account password and, because of the altered email address, was sent a link granting access and control.

"If Register had simply followed its own security protocols, the attack surely would have been averted and neither Register nor Baidu would have been victimized," Chin concluded.

Baidu and Register are due back in Chin's New York courtroom next month for a pre-trial hearing.

Explore further: Turkey still hopes Twitter will open local office

add to favorites email to friend print save as pdf

Related Stories

Baidu shares soar as net profit sharply higher

Apr 28, 2010

Baidu shares soared past 700 dollars on Wednesday after the Chinese Web search giant more than doubled its net profit amid Google's conflict with the Chinese authorities.

Google loses out in Chinese search engine market

Jul 21, 2010

Google's share of the Chinese search engine market fell in the second quarter while the US Internet giant was embroiled in a public battle with Beijing over censorship, a research firm said Wednesday.

Downadup Worm Hits Over 3.5 Million Computers

Jan 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying ...

Chinese paper accuses Google of hampering searches

Oct 27, 2009

(AP) -- Google Inc. faces a new controversy in China after a Web site run by the Communist Party's main newspaper accused the U.S. search giant of trying to keep Internet users away following its reports ...

Recommended for you

Net neutrality balancing act

12 hours ago

Researchers in Italy, writing in the International Journal of Technology, Policy and Management have demonstrated that net neutrality benefits content creator and consumers without compromising provider innovation nor pr ...

Twitter rules out Turkey office amid tax row

Apr 16, 2014

Social networking company Twitter on Wednesday rejected demands from the Turkish government to open an office there, following accusations of tax evasion and a two-week ban on the service.

How does false information spread online?

Apr 16, 2014

Last summer the World Economic Forum (WEF) invited its 1,500 council members to identify top trends facing the world, including what should be done about them. The WEF consists of 80 councils covering a wide range of issues including social media. Members come ...

User comments : 0

More news stories

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Better thermal-imaging lens from waste sulfur

Sulfur left over from refining fossil fuels can be transformed into cheap, lightweight, plastic lenses for infrared devices, including night-vision goggles, a University of Arizona-led international team ...

Deadly human pathogen Cryptococcus fully sequenced

Within each strand of DNA lies the blueprint for building an organism, along with the keys to its evolution and survival. These genetic instructions can give valuable insight into why pathogens like Cryptococcus ne ...