Friday, 11 October 2013

Yesterday, Google Malaysia domain was hijacked by ‘Team Madleets’

Yesterday, Google Malaysia domains were apparently hacked by a group named “Team Madleets”, website-the hacker post already forecasted that, it could be a DNS poisoning attack. Google domains of various countries already hit by DNS Poisoning, in the past. Google Malaysia two domains were affected by the attack and were offline for several hours as of late Thursday afternoon. Domains affected by the attacks—(www.google.com.my, www.google.my).


How hackers managed to hijack Google?

Both of the Malaysian domain of Google were affected by the DNS poisoning attack, hackers managed to access  (Malaysia Network Information Centre) to change DNS records for the domain and pointed them to the madleets name server.

Name servers at the domains, when they were affected:
  • Primary Name Server: b0x4.madleets.com 
  • Secondary Name Server: b0x3.madleets.com 

Hackers wrote on the defaced page:
“Struck by 1337! Google Malaysia STAMPED by PAKISTANI LEETS! We are TeaM MADLEETS! Pakistan Zindabad

After the attack, MYNIC issued statement for the confirmation of attack, they wrote: - 
We can confirm there was unauthorised redirection of www.google.com.my and www.google.my to another IP address by a group which called themselves TeaM MADLEETS. The problem was alerted in the early morning and MYNIC Computer Security Incident Response Team (CSIRT) immediately started to resolve the issue. The domain name www.google.com.my has been restored to their correct information at 7.10 am today and www.google.my is still resolving. 


No comments:

Post a Comment