Iranian hackers deface multiple big companies Turkmenistan domains (.tm) yesterday using DNS poisoning attack. All hacked domains are registered by NIC at Turkmenistan. Hacker managed to find and exploit a SQL Injection vulnerability in NIC website in order to get database of the site.
Because the passwords was stored in plain text, that make more easy for those hacker to access the domain panels of each domain and changing the DNS entries to shift websites on a rouge server with defaced page. The defaced message as shown below:
Defaced domains :
- www.youtube.tm
- www.gmail.tm
- www.msdn.tm
- www.intel.tm
- www.officexp.tm
- www.xbox.tm
- www.windowsvista.tm
- www.orkut.tm
- www.google.tm
Mirror of hacks are available at Zone-H.