Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Irish Google, Yahoo Domains Taken Offline Briefly After Security Breach

    By
    Brian Prince
    -
    October 12, 2012
    Share
    Facebook
    Twitter
    Linkedin

      Google and Yahoo’s Irish iterations were temporarily knocked offline Oct. 9 after their domain name server records were changed due to a security breach.

      The incident occurred when the DNS name server records of both domains were changed after a registrar’s account was accessed without authorization, according to the IE Domain Registry (IEDR). The registrar was identified as MarkMonitor.

      As a result of an investigation by IEDR and third-party experts, IEDR temporarily took external Web-based systems offline in order to perform additional analysis. The Whois service and the IEDR’s API, however, are fully operational, meaning the registrars accounting for more than two-thirds of .ie domains were largely unaffected by the interruption. Public access to .ie Websites or email is also unaffected, IEDR explained.

      “Serious questions are being raised about how this breach occurred,” IEDR noted Oct. 10 in a separate blog post. “Security experts have suggested that the login details for the IEDR registrar’s console may have been “socially engineered,” for example, if a hacker pretended to represent MarkMonitor and manipulated the IEDR into providing login details to the Registrar console Website (where DNS nameservers are configured).”

      MarkMonitor did not offer much in the way of details about the incident.

      “As you know, the topic of ccTLD security has been discussed by the domain naming system community because of these types of breaches,” MarkMonitor spokesperson Te Smith said in a statement. “As policy, MarkMonitor does not comment on specific domain name security breaches. We recommend that all TLDs implement best practices security measures like those in use by Verisign .COM, Neustar .BIZ and the Puerto Rico.PR registries.”

      In January, hackers in the Anonymous collective hijacked the domain name system record for CBS.com and redirected traffic to another Web server that displayed an empty directory structure, making it appear as though the contents of CBS.com had been erased. CBS.com eventually regained control of the domain.

      According to IEDR, in the case of Google and Yahoo, the records were modified to point to DNS name servers in Indonesia that have been linked to well-known hacking sites—making it possible that some visitors to Google.ie and Yahoo.ie may have been taken to fraudulent versions of those sites. Graham Cluley, senior technology consultant at Sophos, identified the Indonesian name servers as belonging to farahatz.net.

      According to Cluley, an attacker could have, for example, potentially taken users to a bogus version of Google “and infected them with malware or distributed advertising pop-ups.”

      In statements to ZDNET, both Google and Yahoo acknowledged the situation and apologized to users. “We are aware that Yahoo.ie was inaccessible to some users in Ireland,” a Yahoo spokesperson told ZDNET. “This issue is resolved and we apologise [sic] for any inconvenience this may have caused.”

      According to IEDR, police have been notified about the situation.

      Avatar
      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×