Google and Microsoft fall victim to Pakistani hack

The attack, which saw 285 sites defaced, appears to have involved the alteration of their DNS entries. A Pakistani hacker group has reportedly claimed that the servers of .pk registrar PKNIC provided the necessary vulnerabilities.

The Pakistani websites of Google, Microsoft and hundreds of others have fallen victim to a hack attack that led to their defacement.

Read this

Cloud computing's utility future gets closer

Cloud computing is on a path to becoming a true utility - but what exactly is a utility and how closely does cloud fit that picture? ZDNet asked an industry expert to find out.

Read More

The attack became apparent on Saturday, according to the ProPakistani IT blog, which explained that someone had changed the DNS entries for 285 .pk domains that had been managed by the Thomson-Reuters subsidiary MarkMonitor, effectively redirecting visitors to those sites to the hacker's own domain.

Rather than taking people to their web searches or gift-buying expeditions, the sites were displaying a photograph of penguins, the words "Pakistan Downed" in English, and an obscure message in Turkish. The hacker identified him or herself as 'eboz'.

On Monday, ProPakistani reported having received an email from a Pakistani hacker group that detailed serious vulnerabilities at the .pk registrar, PKNIC, and said these flaws were the "only reason" for the attack's success on Saturday.

According to that report, PKNIC's servers are vulnerable to Boolean-based and time-based blind SQL injection, cross-site scripting and 'sensitive directory disclosure'.

At the time of writing, Microsoft and Google's Pakistani sites were back up and running.

ZDNet has approached both PKNIC and MarkMonitor for comment, but had received none at the time of writing.