Turkmenistan Gmail, Microsoft, Youtube Domains Hijacked

ID THN:0E2965874ACCFF15A8376DA275569103
Type thn
Reporter Mohit Kumar
Modified 2013-01-25T11:00:47


Iranian hackers deface multiple big companies Turkmenistan domains (.tm) yesterday using DNS poisoning attack. All hacked domains are registered by NIC at Turkmenistan. Hacker managed to find and exploit a SQL Injection vulnerability in NIC website in order to get database of the site.

Because the passwords was stored in plain text, that make more easy for those hacker to access the domain panels of each domain and changing the DNS entries to shift websites on a rouge server with defaced page. The defaced message as shown below:

Defaced domains :

  • www.youtube.tm
  • www.gmail.tm
  • www.msdn.tm
  • www.intel.tm
  • www.officexp.tm
  • www.xbox.tm
  • www.windowsvista.tm
  • www.orkut.tm
  • www.google.tm

Mirror of hacks are available at Zone-H.