Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Google, Yahoo Among Sites Hit in DNS Attack Targeting Romanian Domains

    By
    Brian Prince
    -
    November 29, 2012
    Share
    Facebook
    Twitter
    Linkedin

      The Romanian versions of Google and Yahoo were among the sites diverted Nov. 28 after a Domain Name System attack on the Romanian Top-Level Domain Registry (RoTLD).

      The sites themselves were not hacked. According to security researchers with Romania-based security firm BitDefender, the attack appears to be the work of The Algerian Hacker Group, an organization incorporating almost 200 different teams of hackers that is also targeting DNS systems of other national top-level domains (TLDs).

      The Romanian hack, BitDefender noted in a blog post, is the fourth incident in the past month, which has also seen DNS attacks on Ireland, Israel and Pakistan TLDs.

      “[Wednesday’s] attack managed to poison DNS cache servers of all Internet Service Providers, including the Google DNS (8.8.8.8 and 8.8.4.4) as these ISPs cache the DNS resolution sent by RoTLD to speed up the resolution process when other similar requests are made,” the company explained. “Some ISPs have already flushed their caches, others are still serving rogue resolutions. We are continuously scanning the DNS zones for the Romanian Internet and contacting ISPs individually for mitigating the crisis in the shortest time.”

      In addition to Google and Yahoo, the other sites affected by the incident are Microsoft.ro, Hotmail.ro, Windows.ro, Kaspersky.ro and paypal.ro, according to Stefan Tanase, senior security researcher at Kaspersky Lab. Before the attack was resolved, the Google and Yahoo domains were resolving to an IP address in the Netherlands.

      “All this could have been much worse if the attacker had other goals in his mind than just becoming famous by defacing famous Websites,” Tanase wrote. “Imagine how many accounts could have been compromised [Wednesday] morning if these Websites were redirected to a phishing page, instead of a defacement page.”

      According to BitDefender, the attack has the “same MO” as the hackers who targeted Pakistani registry PKNIC.

      “However, while the motivation was strictly political—based on the message they left on the defaced page—in Pakistan, the attackers did not provide any clue about the reason they attacked the Romanian services,” BitDefender noted. “The troubled state of society in the Middle East has given birth to a number of responses from digital activist groups that end up attacking popular Websites and exposing innocent users as collateral damage.”

      According to PKNIC, the breach occurred Nov. 23, and impacted nine DNS records. The affected Websites were redirected to a page with a message in Turkish for a few hours.

      “Almost all of these Websites were mirrors of global sites such as google.pk, microsoft.pk, or place-holders for International brand names who do not actually do business in Pakistan such as paypal.pk, etc.,” according to the company. “The changes caused by the incident were reverted within a few hours, by the PKNIC team, by late Friday night. The affected accounts were notified after the scope of the incident was identified.”

      The registry said it is launching new security initiatives in light of the attack, including inviting white-hat hackers to “test-drive the security” of its systems. The company is also establishing a reward program from hackers and developers in line with similar programs run by companies such as Google.

      Brian Prince

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×