The Bangladesh Grey Hat Hackers are the ones behind the attack
Several high-profile Malawi domains, including those of Google, Coca Cola, Fanta, Yahoo and Hotmail, have been hijacked by TIGER-M@TE and h311 c0d3. According to the hackers, they defaced the websites after breaching the systems of Malawi’s .mw domain registrar, registrar.mw.
Once they gained access to the registrar’s systems, the hackers changed the DNS records for the sites and made them redirect users to their own defacement page.
TIGER-M@TE and h311 c0d3 have defaced domains such as google.mw, cocacola.mw, fanta.mw, yahoo.mw, kaspersky.mw and others.
c0de-X-1337, who is a member of Bangladesh Grey Hat Hackers, took the opportunity to deface maps.google.co.mw.
At the time of writing, it appeared that the DNS records had been restored, but it’s uncertain if the company has addressed the vulnerabilities leveraged by the hackers.
Recently, several high-profile websites have been defaced after hackers gained access to the systems of domain registrars. This year alone, cybercriminals have managed to breach registrars from Morocco, Turkmenistan and Saint Helena.
Update. The article has been updated to clarify that TIGER-M@TE and h311 c0d3 are the ones who have hacked the systems of the Malawi registrar.