DNS cache poisoning was used by the attacker to take down the sites

Dec 6, 2011 09:19 GMT

By making use of a technique called DNS poisoning, a cyberattacker managed to take down Samsung, Google, Gmail, YouTube, Yahoo, Apple, Linux, Microsoft and Hotmail websites, hosted on the .cd domain extension which belongs to the Democratic Republic of Congo.

The hacker, who calls himself AlpHaNiX, managed to deface all the locations by inserting fake records into the cache of DNS servers, reports Security Web-Center. By doing this, the attacker can alter the responses to DNS queries, sending Internet users to a fake website instead of the real one.

Even though DNS cache poisoning is a method favored by many hackers thanks to its efficiency, it's not easy to execute, because in most cases the Domain Name System servers are provided by Internet service providers (ISPs) and organizations.

Judging by the messages left on the defaced websites, the hacker didn’t have anything “personal” against them; he just wanted to show his powers. Also, since the sites proudly display a Tunisian flag along with the message “Tunisia Rullz,” we can only assume that the hacker originates from Tunisia.

At the time of writing, Gmail.cd, Google.cd, Linux.cd, Samsung.cd, Hotmail.cd and Apple.cd are still defaced, while Youtube.cd was taken down altogether.

When trying to access Microsoft or Yahoo!, I am automatically redirected to .com domains, which means that steps are already being taken to resolve the issue.

A few days ago we witnessed how websites belonging to NOD32 and Kaspersky were breached and defaced by hackers. At the time it turned out that Kaspersky’s site wasn’t actually legitimate; instead, it had been set up by typosquatters who relied on misspelled site names to lure users to their malicious locations.