Hackers exploited a vulnerability in the systems of a Pakistani domain registrar

Nov 24, 2012 09:02 GMT  ·  By

The Pakistani websites of Google, Microsoft, Yahoo, Apple, Visa, HSBC, Coca Cola, Blogspot, Sony, HP, eBay and PayPal have been hacked and defaced.

According to The Hackers Media, the sites have been defaced by a group of Turkish hackers.

Three additional domains – blog.microsoft.pk, adsense.google.com.pk, code.google.pk – have been defaced by a Pakistani hacker collective.

On their defacement page, the Pakistani hackers reveal not only their reasons for breaching the sites, but also the vulnerability they exploited.

“Why we have wasted our time to hack Pakistani Sites? Just because let us convey our message. We warned you and we were willing to fix your vulnerability but you think we are jokers and you guys took it as a joke? Yes it’s time to bang you guys!!” the hackers wrote.

The Hackers Media reveals that the one “warned” is actually PKNIC, a registrar for Pakistani .pk domains. A security hole in the registrar's systems allowed the cybercriminals to easily alter the homepages of the affected sites.

The Pakistani hackers utilized the same method to deface several high-profile Israeli sites a few days ago.

At the time of writing, none of the sites is working properly. They’re either still defaced or shut down completely.

Updated. Security researcher Rafay Baloch explains on his personal blog some of the methods that could have been utilized by the hackers to make it appear as if the sites have been hacked.