Thursday, January 27, 2022

Google, Paypal, Microsoft and many other Romanian sites hacked

Romanian Google, Microsoft, Yahoo, PayPal, and various other sites were briefly redirected to a rogue server on Wednesday. The redirect is most likely the outcome of a decade-old hacking method that underlines the fragility of the Internet’s routing system.

For a span of one to several hours on Wednesday morning, people typing where greeted with a deface page or another server hosting a deface page. Researchers stated the most likely explanation for the redirection is a technique known as DNS poisoning, in which domain name system routing tables are tampered with, causing domain names to resolve to incorrect IP addresses.

Kaspersky Lab Senior Security Researcher Stefan Tanase said Wednesday’s attack could have been a lot worse. Thus far, all accounts indicate visitors were redirected to a page that did little more than boast of the exploit and acknowledge fellow hackers.

“Imagine how many accounts could have been compromised this morning if these websites were redirected to a phishing page, instead of a defacement page,” he wrote.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Top Massachusetts hospital suffers a data breach

One of the United State’s leading hospitals, Massachusetts General (MGH), has fallen victim to a …