As reported today few hours back Google Indonesia was Hacked and left defaced page for hours. The technology gaint Google Indonesia domain which is www.google.co.id was hacked and left defaced for several hours in morning, The very famous Pakistani hackers group “Team Madleets” claimed responsibility for the hack.
Google Indonesia was hijacked using a hacking method known as DNS Spoofing ( DNS Cache Poisoning ) . Pakistani hacker’s group “Team Madleets” are known for such attacks targeting big websites like Google, Last year the same method was used to hijack Google Malasiya domian.
What is DNS Poisoning?
In short, DNS spoofing or DNS cache poisoning is a hacking attack, whereby data is introduced into a Domain Name System (DNS) name server’s cache database, causing the name server to return an incorrect IP address, diverting traffic to another website.
Normally, a networked computer uses a DNS server provided by an Internet service provider (ISP). which are deployed to improve resolution response performance by caching previously obtained query results
Attacker spoofs the IP address DNS entries for a target website on a given DNS server, replacing it with the IP address of a server which he controls, thus redirecting the whole traffic to his deface page. It is believed that the DNS spoofing led the Google Indonesian users to another IP which carried the Madleets defaced page.
Google Indonesia Website was left defaced for several hours
While it is not clear for how long the Google Indonesia website was left defaced, but reports suggest that the attack continued for hours, Team MaDLeeTs also changed the earlier deface page planted after 2 hours with a new one.
The Google Indonesia website has been now restored back, but it is still unsure if the domain registrant was breached by the attackers, and if the they still have control over it. If yes then we may see such kind of attacks in future again.