Bangladeshi Hacker Group Hijacks Google Malaysia With DNS Attack
Google.com.my is currently down for desktop users after the site was hacked and defaced by hacker group calling itself TiGER-M@TE.
Earlier this morning, while trying to access Google Malaysia, we were greeted by a black page proclaiming that Google has been hacked
First noticed by users who took to Twitter to highlight the issue, at 12:30pm, the site still shows the same altered page. According to information displayed there, it's the work of a "Bangladeshi hacker" calling themselves "Tiger-M@te".
Google Malaysia page still down. Looks like another DNS rerouting. pic.twitter.com/TQ8ULpLX2c
— Jason Ng (@ByJasonNg) April 14, 2015
Google had tweeted that it looks like a DNS redirect. This would mean that Google was not actually hacked, but rather the domain name registry with MYNiC, Lowyat.NET reported.
@themmailonline DNS redirection likely. Seems to be ok for most users now. FYI @mynicberhad
— Google Malaysia (@GoogleMsia) April 14, 2015
Google Malaysia’s corporate and communications chief Zeffri Yusof said the website has not been compromised, and the incident was likely a repeat of the DNS attack that had occurred at least twice before.
“I do not think it is hack, it is more likely to be DNS redirection. This happened, if you remember, back in 2011 and 2013. So, it is quite a regular occurrence,” Zeffri said. “However, I may want to clarify with MYNIC (Berhad), our domain registrar.”
It is likely that the problem lies with MYNiC, as the message from the hackers indicates that it was done by the same group who hacked the domain name registrar two years ago. However, the scope of this hack appears to be much smaller, and only affecting the Google Malaysia website.
lowyat.netGoogle has asked users to use http://Google.com/ncr for now.
Meanwhile, it has issued an official statement about the incident:
“We’re aware that some users are having trouble connecting to google.com.my, or are being directed to a different website. Google services for the google.com.my domain are not compromised. We’ve reached out to the organization responsible for managing this domain name and hope to have the issue resolved.”
lowyat.netGetting reports some users are experiencing http://t.co/uIvl6RbDzu DNS redirection. Please use http://t.co/AdkzwxVR4U in the meantime.
— Google Malaysia (@GoogleMsia) April 14, 2015