CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 21st, 2009

High Profile New Zealand Sites Registered At Domainz.net Defaced Through DNS Hijack

Today, a web site defacement group known as “The Peace Crew” has successfully hijacked the DNS records for high profile New Zealand web sites, through what Zone-H claims to be a SQL injection at New Zealand’s based registrar Domainz.net, in order to redirect the visitors to a defaced page featuring the infamous Bill Gates pieing photo, as well as anti-war messages.

The mass defacement affected major Microsoft sites in New Zealand including WindowsLive.co.nz, MSN.co.nz, Microsoft.co.nz, Hotmail.co.nz, Live.co.nz next to HSBC.co.nz, Sony.co.nz, Coca-Cola.co.nz, Xerox.co.nz, Fanta.co.nz, F-Secure.co.nz and BitDefender.co.nz.

Here’s Microsoft’s comment, according to NZHerald:

MSN have responded by issuing a short statement from MSN business manager Liz Fraser this afternoon. “The cause of this discrepancy has been identified and we are currently working with our Microsoft technology and security teams in the US to resolve the matter as quickly as possible today. “We apologise for any inconvenience this may have caused,” the statement said.

Once control to the domain registrar’s web panel was obtained, members of the Peace Crew used fatih1.turkguvenligi.info and fatih2.turkguvenligi.info as primary DNS servers delivering the defaced pages, and making it look like the sites themselves have been compromised.

The group is not new on the defacement scene, in fact one of its members has been keeping himself pretty busy during this month by having already defaced thirteen web servers belonging to NASA, using the same template.

Credit: ZDNet.com Security Blogs

Share this item with others:

More on CyberInsecure:
  • Vulnerability Research Vendor Secunia.com Domain Hijacked And Defaced
  • LUSH Websites In Australia And New Zealand Breached, Hackers Stole Customers Billing Details
  • Twitter DNS Hackers Hit Chinese Search Engine Baidu.com
  • Fake iPhone Unlocking App Changes DNS And Hijacks Internet Connection
  • Twitter DNS Hijacked By ‘Iranian Cyber Army’, Inaccessible And Defaced For An Hour

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: High Profile New Zealand Sites Registered At Domainz.net Defaced Through DNS Hijack

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word