As of recent problems lighting up with PKNIC vulnerability (PKNIC is the Pakistani (.PK) domain name registry), allowed hackers from Turkey to hack into the Pakistani versions of Google, Yahoo, and MSN, plus nearly 300 other webpages. The Turkish hackers also defaced the Pakistani Google homepage. Now, if that isn’t bad enough, an Algerian hacker decides to deface Google and Yahoo in the Romanian versions.
For the Pakistani .PK domain registry, a vulnerability in SQL could allow for injection to exploit it. Therefore, that’s exactly what happened when Turkish hackers hacked into somewhere near 300 .PK domains and defaced at least Google’s .PK site, and maybe a few others. Apparently, during this even, some users were redirected to a webpage showing two penguins and the slogan “Pakistan Downed”.
For the defacement of the Romanian versions of Google and Yahoo (.RO), an Algerian hacker changed the DNS records of those search pages for the sites to a recently hacked server in the Netherlands. It is likely changed DNS records, or some have stated a DNS poisoning attack is also possible.
It is contested on whether the same hacker(s) did both jobs, or if this was two different parties that coincidentally did the same type of work at the same time.
Due to the (once again) uprising of conflict in the Middle East, newer digital attacks are likely, also. It is no surprise to see these issues light up again.
If the attackers had other malicious intents, these hacks could have been worse!
Today, it has been discovered r00tbeersec making its return with the hack on Philips. As we reported yesterday, r00tbeersec is a new hacking group apparently wanting to make a grand entrance in to the hacking world. Plaintext passwords were revealed in the hack against Philips. First AMD…now Philips. For those who don’t know, Philips is a Dutch-based technology extraordinaire.
Anyway, Philips is the victim of a few small SQL database leaks. Maybe a few skiddie SQL hacks. In the databases that were leaked, phone numbers, passwords and hashes, and even addresses were leaked. These databases were storing plaintext passwords, which is known to be quite a vulnerability. Those passwords should be in encrypted databases, not in plaintext.
Of course, poorly chosen passwords were found, just like a poor database (unencrypted). All in all, their company was just waiting/asking to be attacked, per speculation. And of course, r00tbeersec wanted to show off their 200,000 spilled email addresses.
In case you’re wondering, password security is still a problem. Read more here.