PKNIC, Pakistan’s internet registry that manages top-level domains for Pakistan, has admitted that it was hacked this Saturday.
PKNIC said that a security breach in one of its systems was the root cause of the redirection of some 284 domains – including google.com.pk, apple.pk, ebay.pk and others – to a hacker’s web server.
Giving more details on the breach, PKNIC said in a statement that a vulnerability in one of its systems caused a total of four user accounts to be breached on Saturday morning (Pakistan Time), impacting a total of nine DNS records.
The statement further claims that the vulnerability was resolved successfully and that the PKNIC team embarked on a comprehensive review of the whole website over the weekend.
PKNIC has clarified that it does not store credit card or similar financial information in its databases.
“An update to strengthen security, particularly regarding attacks of the “SQL injection” kind, a more complex system had been installed. However, it inadvertently left open a vulnerability, under certain obscure conditions and contexts, that was used in the recent attack.
As a result, in addition to a thorough investigation of our entire site and systems, we reverted to the simpler more robust model of filtering out everything unknown, instead of continuing to use the new system that had been tailored to the latest threats using more complicated algorithms.”
A Pakistani hacker had also given notice of the vulnerabilities in PKNIC's servers that caused the breach.
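The model the statement describes as "filtering out everything unknown" is default-deny (allowlist) input validation. The sketch below is an added example, not PKNIC's code: it contrasts a constructed signature filter with an allowlist hostname check in front of a parameterized update. The table, function names and sample inputs are all assumptions made for illustration.

```python
import re
import sqlite3

# Allowlist grammar for one DNS label: letters, digits, inner hyphens, 1-63 chars.
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")

def is_valid_hostname(value):
    """Default-deny: accept only strings that match the hostname grammar."""
    if not isinstance(value, str) or not 1 <= len(value) <= 253:
        return False
    name = value.lower()
    if name.endswith("."):          # tolerate a single trailing root dot
        name = name[:-1]
    labels = name.split(".")
    return len(labels) >= 2 and all(LABEL.fullmatch(l) for l in labels)

# Constructed signature filter for contrast: it only knows the patterns listed.
BLOCKLIST = re.compile(r"(?i)\b(union|select|drop)\b|--")

def blocklist_allows(value):
    """True when no known-bad signature is found (anything unlisted passes)."""
    return BLOCKLIST.search(value) is None

def update_nameserver(conn, domain, nameserver):
    """Validate both fields, then bind them as parameters, never concatenate."""
    if not (is_valid_hostname(domain) and is_valid_hostname(nameserver)):
        return False
    cur = conn.execute("UPDATE records SET ns = ? WHERE domain = ?",
                       (nameserver.lower(), domain.lower()))
    conn.commit()
    return cur.rowcount == 1

def demo():
    """Run constructed inputs through both filters; returns (input, blocklist, allowlist)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE records (domain TEXT PRIMARY KEY, ns TEXT)")
    conn.execute("INSERT INTO records VALUES ('example.pk', 'ns1.example.pk')")
    samples = [                       # constructed sample inputs
        "ns2.example.pk",             # well-formed
        "ns2.example.pk' OR 'a'='a",  # no listed signature, but not a hostname
        "ns2.example.pk;",
        "ns2 .example.pk",
    ]
    return [(s, blocklist_allows(s), update_nameserver(conn, "example.pk", s))
            for s in samples]

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Every malformed sample passes the signature filter because none matches a listed pattern, while the allowlist rejects all three without needing to recognise what they are.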