The popular Google Malaysia was hacked today and visitors of the site were taken to a defaced landing page made by the hackers. In seems to be a case of DNS hijacking where attackers redirected the users to their own page. Visitors to the Malaysian site see a message telling them that “Google Malaysia Hacked by Tiger-Mate #Bangladeshi Hacker”.
According to google no data has been compromised and all their services are up and still running. Since it is a dns hijacking issue here generally an attacker compromises the DNS registrar and change the server address which takes the users to a different website or page, hence all data are safe.
The problem appears to have arisen from the organisation that manages the technology that allows URLs to point towards websites, according to a Google statement given to Reuters. The search giant is working with that organisation, MYNIC, to resolve the problem.
MYNIC is run by the country’s ministry of communications and multimedia. It runs all websites that end with the .my suffix, including google.com.my.
DNS attacks are comon in big websites like google because it is relatively easy to hack into the DNS provider then to hack into the server of these organizations. In the past years too we have seen many cases of DNS attacks. On 24th November 2012 Google Pakistan was hacked by this technique and on 26th august 2013 Google Palestine was hacked by DNS hijacking technique.
The defaced page can be viewed on Zone-H, an archive of defaced websites, According to Zone-H TiGER-M@TE also defaced yahoo.com.my, translate.google.com.my and youtube.my today, however this was not independently confirmed.
