YouTube, Gmail, Google, Intel Turkmenistan Sites Defaced by Iranian Hackers

The attackers leveraged an SQL Injection vulnerability to hack the TLD administrator

By on January 25th, 2013 09:11 GMT

Users from Turkmenistan who have attempted to access websites such as YouTube.tm, Gmail.tm, MSDN.tm, Intel.tm, Xbox.tm, Orkut.tm or Google.tm over the past few hours have been greeted with a defacement message posted by hackers. 

Cyber News reports that this is the work of Iranian hackers.

The sites themselves have not been breached. For all we know, many of the domains might not even be actively used.

The hackers have actually penetrated the systems of nic.tm, the administrator of the .TM top level domains.

The attackers claim they’ve identified an SQL Injection vulnerability in nic.tm, which has allowed them to steal and leak all the user credentials stored in the company's databases.

Besides leaking the data, the hackers have also gained access to DNS records. By altering them, they’ve been able to redirect the visitors of the aforementioned websites to their own domain.

Over the past few months, we’ve witnessed similar cases of DNS poisoning in MoroccoRomania, Pakistan and Israel.

Comments

Several .tm domains defaced by Iranian hackers
   Several .tm domains defaced by Iranian hackers