Google and Microsoft fall victim to Pakistani hack

Google and Microsoft fall victim to Pakistani hack

Summary: The attack, which saw 285 sites defaced, appears to have involved the alteration of their DNS entries. A Pakistani hacker group has reportedly claimed that the servers of .pk registrar PKNIC provided the necessary vulnerabilities.

SHARE:
7

The Pakistani websites of Google, Microsoft and hundreds of others have fallen victim to a hack attack that led to their defacement.

The attack became apparent on Saturday, according to the ProPakistani IT blog, which explained that someone had changed the DNS entries for 285 .pk domains that had been managed by the Thomson-Reuters subsidiary MarkMonitor, effectively redirecting visitors to those sites to the hacker's own domain.

Rather than taking people to their web searches or gift-buying expeditions, the sites were displaying a photograph of penguins, the words "Pakistan Downed" in English, and an obscure message in Turkish. The hacker identified him or herself as 'eboz'.

On Monday, ProPakistani reported having received an email from a Pakistani hacker group that detailed serious vulnerabilities at the .pk registrar, PKNIC, and said these flaws were the "only reason" for the attack's success on Saturday.

According to that report, PKNIC's servers are vulnerable to Boolean-based and time-based blind SQL injection, cross-site scripting and 'sensitive directory disclosure'.

At the time of writing, Microsoft and Google's Pakistani sites were back up and running.

ZDNet has approached both PKNIC and MarkMonitor for comment, but had received none at the time of writing.

Topics: Security, Google, Microsoft

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Giving Credit to right owners

    It feels that you have linked back and have given credit to the exact owner of broke the news Saturday morning. I like your work. Keep it up!
    PTETech
  • Giving Credit to Right Owners

    It feels good that you have linked back and given credit to the exact owner of the one who broke the news Saturday morning. I like your work. Keep it up!
    PTETech
  • wrong reporting

    yahoo.pk,ebay.pk and paypal.pk donot even exist .get a life fake reporters .get your facts right
    Salman Ahmed01
  • Journalistic fail!

    Do a little research. ebay and paypal have no .pk site. What a joke.
    beau parisi
  • That is quite a news for me that ebay has .pk site.

    textminer
  • So no eBay then

    My bad - apologies. Fixed now.
    David Meyer
  • Actually, I was right

    PKNIC has put out an updated statement (see http://www.zdnet.com/pakistan-registrar-explains-how-microsoft-google-were-hit-by-domain-hijack-7000008015/) that says many of the affected domains were in fact placeholders. And ebay.pk was one of those.
    David Meyer