Pakistani users were the most affected today when the biggest players in the tech world were compromised: for several hours, Google.com.pk, Google.pk, Apple.pk, Yahoo.pk and Microsoft.pk appeared not to be working. Another 279 Pakistani sites were hacked by Eboz, a group of hackers that appears to be of Turkish origin. The group hacked a number of sites today, making Pakistan today’s scapegoat.
A lot of Pakistani websites got hacked today by Eboz
A search of the Zone-h archive of defaced websites shows a total of 313 sites hacked and defaced by Eboz: 85 single-IP defacements and 228 mass defacements. Most of them are Turkish, with the list also covering some countries and big domains. None of today’s Pakistani sites were found in the archive, showing that Eboz is associated with 600 defacements.
Other sites that received the “hacked by Eboz” defacement include “safe4web” and a part of Sauveterre; the membership page of a Czech advert company, MG events, was also a victim. The date found on the Sauveterre defacement seems to go back to 2009, showing that the name Eboz has been in use for hacking for years.
The aim of Eboz is yet to be clarified, but one guess points in a political direction. Earlier in the week, Softpedia reported that Eboz had hacked some sites in Israel; then the group appeared to come from Pakistan, but this time around it appears to be Turkish.
Judging by some of the messages left on the hacked sites, the attack does not appear to be political: one of the affected sites displayed a message saying the hack was only meant to show that a security flaw still exists. According to Softpedia, this is the message read from one of those sites: “Why we have wasted our time to hack Pakistani Sites? Just because let us convey our message. We warned you and we were willing to fix your vulnerability but you think we are jokers and you guys took it as a joke? Yes it’s time to bang you guys!!”
Here is what one of the pages TechCrunch came across looks like:
Translated via Google Translate, the message found on it reads: “eboz: of a friend always there for me / My homies have not shot by me with every breath.” The screenshot was taken from http://www.msn.org.pk/
Most of the site owners, while struggling to regain access, had to shut the hacked sites down altogether as they regained full control.
The same goes for the hacked Sauveterre site; the message there translated to “this hacking is just for hacking’s sake”.
“No More Smile. 🙂 Sorry Guyz Was Just Bored. Don’t Panic It Happens All The Time, Just Secure Your Mind, Then Secure Your Shit.”
On closer inspection, today’s hack appears to have gone through a breach of Pakistan’s TLD operator, PKNIC, which administers and registers all .pk domains. Checking the hacked sites via PKNIC’s lookup shows that all of them were redirected to two nameservers, dns1.freehostia.com and dns2.freehostia.com. Look at Apple.pk as an example:
Neither of those two domains seems to be in operation; they could later point to legitimate sites that will resurface.
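The redirection described above has a recognisable signature: many unrelated domains suddenly delegating to the same unexpected nameservers. The following check is an added example, not code from the original article or from PKNIC; the `domain: ns, ns` record format, the baseline nameservers and the `unchanged.example` control entry are constructed assumptions, and only the two freehostia names come from this page.

```python
from collections import defaultdict

def norm(name):
    """Lower-case a host name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")

def parse_lookup(text):
    """Parse 'domain: ns, ns' lines (constructed format) into {domain: frozenset(ns)}."""
    records = {}
    for line in text.splitlines():
        domain, sep, servers = line.partition(":")
        if sep:
            records[norm(domain)] = frozenset(
                norm(s) for s in servers.split(",") if s.strip())
    return records

def hijack_clusters(baseline, observed, min_domains=2):
    """Group domains by the nameservers they gained outside their baseline.

    One domain changing DNS provider is routine; several unrelated domains
    gaining the same unexpected nameservers points at the registry itself."""
    clusters = defaultdict(list)
    for domain, ns_now in observed.items():
        # Domains with no baseline entry yield an empty difference and are skipped.
        unexpected = ns_now - baseline.get(domain, ns_now)
        if unexpected:
            clusters[unexpected].append(domain)
    return {ns: sorted(d) for ns, d in clusters.items() if len(d) >= min_domains}

# Constructed baseline: placeholder nameservers, not the real delegations.
BASELINE = parse_lookup("""
apple.pk: ns1.vendor-a.example, ns2.vendor-a.example
google.com.pk: ns1.vendor-b.example, ns2.vendor-b.example
microsoft.pk: ns1.vendor-c.example, ns2.vendor-c.example
unchanged.example: ns1.vendor-d.example, ns2.vendor-d.example
""")
# Constructed lookup results; the two freehostia names are the ones on this page.
OBSERVED = parse_lookup("""
apple.pk: DNS1.FREEHOSTIA.COM., dns2.freehostia.com
google.com.pk: dns1.freehostia.com, dns2.freehostia.com
microsoft.pk: dns2.freehostia.com, dns1.freehostia.com
unchanged.example: ns1.vendor-d.example, ns2.vendor-d.example
""")

if __name__ == "__main__":
    for servers, domains in hijack_clusters(BASELINE, OBSERVED).items():
        print(sorted(servers), "->", domains)
```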
Are you afraid? Don’t be; it happens all the time, and the companies concerned will close the loopholes.
Let me hear your word in my comment box.