Google and Microsoft fall victim to Pakistani hack

The attack, which saw 285 sites defaced, appears to have involved the alteration of their DNS entries. A Pakistani hacker group has reportedly claimed that the servers of .pk registrar PKNIC provided the necessary vulnerabilities.

The Pakistani websites of Google, Microsoft and hundreds of others have fallen victim to a hack attack that led to their defacement.

The attack became apparent on Saturday, according to the ProPakistani IT blog, which explained that someone had changed the DNS entries for 285 .pk domains that had been managed by the Thomson-Reuters subsidiary MarkMonitor, effectively redirecting visitors to those sites to the hacker's own domain.

Rather than taking people to their web searches or gift-buying expeditions, the sites were displaying a photograph of penguins, the words "Pakistan Downed" in English, and an obscure message in Turkish. The hacker identified him or herself as 'eboz'.

On Monday, ProPakistani reported having received an email from a Pakistani hacker group that detailed serious vulnerabilities at the .pk registrar, PKNIC, and said these flaws were the "only reason" for the attack's success on Saturday.

According to that report, PKNIC's servers are vulnerable to Boolean-based and time-based blind SQL injection, cross-site scripting and 'sensitive directory disclosure'.

At the time of writing, Microsoft and Google's Pakistani sites were back up and running.

ZDNet has approached both PKNIC and MarkMonitor for comment, but had received none at the time of writing.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All