Google’s Malaysian domains google.com.my and google.my were hijacked, redirecting users to a webpage that announced the attack was perpetrated by a Pakistani group called Madleets. MYNIC, the sole administrator for web addresses in Malaysia confirmed the attack in a statement.
“We can confirm there was unauthorised redirection of www.google.com.my and www.google.my to another IP address by a group which called themselves TeaM MADLEETS,” the MYNIC statement says.
“The problem was alerted in the early morning and MYNIC Computer Security Incident Response Team (CSIRT) immediately started to resolve the issue. The domain name www.google.com.my has been restored to their correct information at 7.10 am today and www.google.my is still resolving.”
The attack appears to have been a case of DNS cache poisoning and lasted a few hours, redirecting users to a Canadian-hosted website, according to Integricity, the company who administers Google’s Malaysian domains.
“Just after midnight on 11 October 2013, our FatServers operations centre was notified of an unauthorised update to one of the domains under our care – google.com.my,” the statement from Integricity said.
“We immediately tried to log into the MYNIC reseller system to check on the status, but were unable to do so. The DNS servers for this domain have been modified and this has caused the URL to be pointed to a page that shows the site has been hacked… We are attempting to contact MYNIC for immediate rectification of the problem. More updates to follow.”
No further updates are available at this time.