This looks like a typical DNS cache poisoning attack[1], which takes advantage of insecure DNS caching servers. Users of those caching servers will be sent to the wrong IP, so it is a successful attack of sorts. But there isn't much the target website can do to prevent it.
15 comments
[ 2.7 ms ] story [ 44.2 ms ] threadI'm guessing some people are getting a cached version.
Perhaps there is a server rotation (by client IP) and only one such server was hacked.
https://web.archive.org/web/20170831035852/https://wikileaks...
http://i.imgur.com/KyaorAz.png
From https://www.iplocation.net/ I get 181.215.237.148 for wikileaks.org, and then from https://ipinfo.io/181.215.237.148 I see Secured Servers LLC in Oklahoma City. I'm guessing that's new.
Maybe it's that the wikileaks.org domain has been hijacked. Or maybe it's just DNS poisoning.
[1] https://en.wikipedia.org/wiki/DNS_spoofing