It's a dns exploit. Basically whenever you type a url in your address bar, the url routes to the ip of the website. Like if you go to
http://74.125.224.72/ you'll end up at google.com. dns servers link urls to the correct ip addresses.
The guy doing it wasn't malicious from what I can tell. He probably just trolls the internet using some script to find servers where he can use his exploit, the urls get hijacked and redirect, not to their regular ips, but to one of his selecting. Using this exploit one could trick people into providing their usernames/emails/passwords to him.
Basically he thinks he's providing a service by showcasing this exploit in order for people to beef up their security or fix the problem or whatever. That's what a lot of "hackers" do. It's annoying as hell for everyone, but a lot of hackers are just interested in showing off security flaws.
if this person indeed used just a script, he/she then wouldn't even be a "hacker," as a hacker would have found a way to do it from scratch. This person would be considered a "script kiddie" -- so-called because of using a script or other kind of pre-programmed app instead of learning how to do it yourself, and "kiddie" because they're usually kids who are trying to be "1337."
Author
