Google.com.pk and 284 Other .PK Domains Hacked

اسے اردو میں پڑھیے

Start page for majority of Pakistanis – when they first visited it this morning – was found hacked and defaced. Yes, Google.Com.PK along with 284 other .PK domains were hacked today (and are still defaced).

According to Irfan Ahmed, an expert on Pakistani websites and web-servers, this defacement is due to change in DNS entries for 284 .PK domains that are managed by MarkMoniter.

Defaced domains include Microsoft.PK, apple.PK, paypal.PK, ebay.PK, blogspot.PK, chrome.PK, Cisco.PK and others.

Apparently no one has claimed the responsibility for the incident, but a message appearing on defaced pages, including on Google.com.pk is displaying a message in Turkish language, hinting that the hacker could be Turkish in origin.

Hacker hasn’t left any message for anyone, unlike the norm that hackers follow to convey their message through such defacements.

However, there is a phrase saying “Downed Pakistan”, a sign of victory for hackers when the deface a website.

Check below the screenshot of hacked Google.com.pk – which is still in-tact for few users.

Google Pakistan

Tech and telecom reporter for over 15 years


  • Seems Turkish hacker Mr. eboz got access to the PKNIC account for changing Nameservers ~ http://goo.gl/yREkq

    – It’s not their fault (Google) this breach happened from our side (PKNIC) – Google is still down from my side since last 3 hours. It’s 10:02 AM – I’m using PTCL Broadband.

    • A lot of experts sitting here and i want to share some thing too.

      Its not google that has been hacked. Possibly our TLD (top Level Domain) i.e pknic has been compromised and the name server entries were changed . The websites are re-routed not hacked. This was the same thing happened to supreme court website couple of moths back so it seems that there is some security hole that is not covered by pknic.We should blame pknic not google, but at the end of the day security is not 100% possible.

  • Cannot be the work of any Turkish. It is some Indian or Israeli who is using Turkish Language just to create confusion.

  • someone using evo? having any trouble with this today? disconnecting every 2 minute from 7a.m today

  • Lol, only the home page is down.
    If you try to Google something from the Chrome address bar, it works absolutely fine.

    Misleading title for an article, since only the “homepage” has been hacked, not the entire website.

  • It is not Google, but instead PKNIC account of the agent MarkMonitor instead, the hacker was able to change DNS addresses to freehostia.com.

  • only http site is hacked not HTTPS .. HTTPS is working cool ..

    :::

    eboz of a friend always there for me My homies have not shot by me with every breath

    Downed Pakistan

    ?
    trabzon 2012Hello friends who are still alive not dead!

  • From the last few days, Pakistani Hackers are in action and are keep on hacking Israeli different important websites just to show their respect towards muslims and their anger towards Israeli’s f__k policies…. May be all of this be the result of that Paki hacker’s act!

  • .pk domains down due to security reasons for moharram,by rehman malik……………lolzz

  • Google Translate, Translates it as My homies is not with me I always have with me for a friend with every breath shot

    And the footer line says My homies is not with me I always have with me for a friend with every breath shot

    And not only that, The hacker just haven’t hacked Pakistani domains but even thousands of different domains

    https://www.google.com/search?q=dostlara+selam+%C3%B6lmedik+hala+ya%C5%9F%C4%B1yoruz&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

  • not accessable, connection reset error…… even ip is not accessable. server has been retarded :(

  • It says downed by Eboz!! he is a turkish hacker. To everyone the page asks you to download a plugin dontt !!!

  • off topic but just clicked a link at Facebook got re routed to youtube and suddenly video started playing. Did i miss any notification issued about opening youtube in pakistan? I am on EVO by the way.

  • Jitni Website Bhe Hacked Hoi Hain Sab Ki Sab Multinational Companies Ki Thi. Or Tmam Ka NS dns1.freehostia.com , dns2.freehostia.com Per Set kiya gaya he.
    i Think PKNIC K Database Se Koi Gar Bar hoi he. Wo Tmam .pk Domain Hacked Hoaay Hain Jin Ka CNAME Redirected Tha.

  • There was a paypal.com.PK ??? how did no one knew abt it ? and did paypal.com.pk provides payment services for pakistan ??

  • turkish prime minister visited Ghaza as solidarity of Muslims. Pakistani hackers hacked their websites. Jews are very sensitive to their enemies. Thats why they pictured such event to disheart people of Pakistan and to counter attack on us. in other words aik teer sa do shikaar.

  • so where are the smart hacker …..
    they should have foreseen the attack and must have defended it ….
    if they can not defend us then should not enter the game ….

  • Now the site is back they just change the main servers that why it takes time to re-update the servers name back. believe me this is noting big they cant hack internet giant google original servers:))

  • My homies is not with me I always have with me for a friend with every breath shot .

    kankalarim hep yanimda arkadas icinde yanimda olmayan mi var cekimlik her nefeste .

  • Here is my observation:

    Most of them are well known cTlds for example, microsoft.pk, yahoo.pk, ebay.pk, visa.com.pk, paypal.pk, sony.pk etc.

    Interesting part is they all have 2 things in common:

    1. They are all registered through PKNIC
    2. They are all “not in use” domains and registered for Brand and identity protection only (in simple words, so that no one else can have it).

    Hackers had access to PKNIC as they modified NS entries for each domain and change to dns1.freehostia.com and dns2.freehostia.com respectively.

    I have a feeling that these domains were ignored or forgotten by their owners. Every domain is set to expire in less than 4 months if you closely observe. These domains domains were not actively used and there was no pages to serve on these domains. They were all registered by a single company : MarkMonitor. who is responsible to manage brand protection, etc. for all of the above companies.

    any feedback?

  • PKNIC has a big problem of ns name grouping, first of all user need to create a ns name record group and then allocate it to a domain or set of domains

    if some one need to change in ns then he need to create a new ns group not directly. if you just locate the domain and click the ns to change it will change the whole group not a single domain.

    So that could be reason for mark monitor


  • Get Alerts

    Follow ProPakistani to get latest news and updates.


    ProPakistani Community

    Join the groups below to get latest news and updates.



    >