DNS Attack Takes Out Google
Google’s Malaysian site – Google.com.my – has fallen victim to a DNS attack by a hacker group calling itself ‘Team MadLEETS’. The site went offline for several hours on Thursday, defaced by the hackers who had posted their own messages on the page. The site is now back online.
No Political Origin
The bottom of the page reads – ‘Pakistan Zindabad’ – which translates to ‘Long Live Pakistan’. However, the attack doesn’t seem to be political in nature. In fact, the team, in a statement to TechCrunch, says that the attack was done without any purpose, except to expose the ‘illusion’ of security:
“There’s not much reason behind it, only to prove that security is just an illusion. It does not exist.
We have no political intentions whatsoever, as you have already stated.
The attack is one of the DNS sorts, wherein a hacker gains access to the Network servers of an area or nation and modifies DNS addresses so that visitors may be redirected elsewhere. In this case, the team would have hacked the Malaysia Network Information Center (MYNIC), and replaced Google’s DNS records, directing visitors to Madleet Servers.
Google seemed to confirm this with a statement:
“For a short period, some users visiting google.com.my were redirected to a different website; Google services for the google.com.my domain were not hacked. We’ve been in contact with the organisation responsible for managing this domain name and the issue should be resolved.”
Early in July this year, hackers performed a similar attack on many Malaysian sites, leading users going to ‘.my’ domains to redirect to sites run by the hackers. The attack was launched as a protest against the treatment of Bangaladeshi workers in the country.
Many other websites, such as those of New York Times, Twitter, Huffington Post, and LeaseWeb have also come under DNS attacks lately.
The MadLEETS team has a Facebook page where the group claims responsibility for attacks on many of Google’s domains – Serbia, Kenya, Burundi and Pakistan itself, where the group seems to be based. The page also has the following message:
“We feel we need to alert anyone, that we don’t hack any country tlds for example google.com.my as a result of any kind of hate, We don’t hate anyone, We love all humanity, there is no obvious reason for stamping the tlds.
Least the reason is not any kind of hate.
Whatever the reason is we can’t explain except we love all of you.
As of now, all we seem to know about the hacker group is that they are of Pakistani origin, and that the group performed this attack simply because it could.