Google Kenya & Google Burundi domains has been hijacked by “1337” from Madleets. For now Google Kenya is restored but Google Burundi still defaced.
This not the first time 1337 hijacked Burundi registrar, before Burundi ccTLDs major domains hacked by 1337.
It merit mentioning here that google domains defaced with DNS poisoning attack. The hackers managed to hack into Burundi and Kenya Domain Registrar website and changed the authoritative DNS records of the domain, to point the domain name to the madleets name server.
Name Server: b0x1.madleets.com
Name Server: b0x2.madleets.com
It’s not clear how this attack was carried out, but it may have involved compromising the system operated by the Kenya and Burundi NIC.
Hacked Sites:
- http://www.google.bi
- http://www.google.co.bi
- http://www.google.com.bi
- http://www.google.co.ke
Mirrors:
- http://zone-h.com/mirror/id/20826422
- http://zone-h.com/mirror/id/20826444
- http://zone-h.com/mirror/id/20826454
At the time of reporting, Kenya Domain Registrar fix the DNS server records of the domain and are pointed back to original servers But Google Burundi domain still pointed at hackers name servers.
Pingback: Google Kenya & Google Burundi Hacked By 1337 - The Hackers Post | ThisRightNow()
Pingback: Google Malaysia gets Hacked by 1337 Hacker - The Hackers Post()
Pingback: Google Malaysia gets Hacked by 1337 Hacker « News « Malang Cyber Crew()