Microsoft, HSBC, Sony, Coca-Cola(...) New Zealand hacked - UPDATED

21/04/2009 Written by Marcelo Almeida and Kevin Fernandez

Ear­lier today some Turk­ish defac­ers broke into the New Zealand based reg­is­trar Domainz​.net (which belongs to Mel­bourneIT) and redi­rected some of their cus­tomers’ high pro­file web sites to a third party server with a defaced page. Com­pa­nies which had their New Zealand web sites defaced include Microsoft, HSBC, Coca-​Cola, F-​secure, Bit­de­fender, Sony and Xerox.



Read more…

The hacked web­sites car­ried the mes­sages: “Hacked by Peace Crew” ‚“STOP THE WAR ISRAEL”. In addi­tion the crack­ers inserted a pic­ture of Bill Gates creampie’d on the Microsoft defacements.

It is inter­est­ing to note that the attacker going by the han­dle of “agd_​scorp”, a mem­ber of Peace Crew, hacked a big amount of MSN and microsoft.* web sites in the past (Microsoft Canada, Morocco, Tunisia, Aus­tria, Ire­land… MSN Israel, Korea, Spain, Den­mark, China, Norway…).

This time they exploited a sim­ple SQL Injec­tion vul­ner­a­bil­ity to hack the admin­is­tra­tion panel of the reg­is­trar, where they mod­i­fied the DNS records of the domains. Again, it is quite scary to see how a so big com­pany can get hacked because of a famous pro­gram­ming vulnerability.

Reg­is­trars have been one of the main aims dur­ing the past months as they are often the weak­est link and an easy tar­get for attack­ers who want to hijack high pro­file web sites.


Here is the list of the defaced sites with their mirrors:

Time Attacker H M R Domain OS View
2009/​04/​21 Agd_​Scorp H M www​.hsbc​.co​.nz Linux mir­ror
2009/​04/​21 The­hacker H M www​.linux​.co​.nz Linux mir­ror
2009/​04/​21 The­hacker H M www​.sony​.co​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M coca​-cola​.co​.nz Linux mir­ror
2009/​04/​21 The­hacker H M www​.xerox​.co​.nz Linux mir­ror
2009/​04/​21 rx5 H M www​.fanta​.co​.nz Linux mir­ror
2009/​04/​21 rx5 H M www​.​f​-secure​.co​.nz Linux mir­ror
2009/​04/​21 The­hacker H M www​.win​dowslive​.co​.nz Linux mir­ror
2009/​04/​21 rx5 H M www​.bit​de​fender​.co​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M www​.msn​.co​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M R www​.microsoft​.co​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M hot​mail​.co​.nz Linux mir­ror
2009/​04/​21 rx5 H www​.live​.co​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M www​.msn​.org​.nz Linux mir­ror
2009/​04/​21 Agd_​Scorp H M www​.msdn​.co​.nz Linux mir­ror


UPDATE:
Peace Crew attacked the NIC from Puerto Rico. And once again, they gained access to the admin­is­tra­tion panel using an SQL Injec­tion flaw.

Time Attacker H M R Domain OS View
2009/​04/​26 BLaSTER H M live​.com​.pr Linux mir­ror
2009/​04/​26 BLaSTER H M trans​late​.google​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M nokia​.pr Linux mir­ror
2009/​04/​26 rx5 H M dell​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M hsbc​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M pcworld​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.coca​-cola​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M nike​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M nike​.pr Linux mir­ror
2009/​04/​26 rx5 H M nor​ton​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.nor​ton​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.pay​pal​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.fanta​.net​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.fanta​.com​.pr Linux mir­ror
2009/​04/​26 rx5 H M www​.coca​-cola​.pr Linux mir­ror
2009/​04/​26 The­hacker H M www​.yahoo​.com​.pr Linux mir­ror
2009/​04/​26 The­hacker H M adwords​.google​.com​.pr Linux mir­ror
2009/​04/​26 The­hacker H M images​.google​.com​.pr Linux mir­ror
2009/​04/​26 The­hacker H M groups​.google​.com​.pr Linux mir­ror
2009/​04/​26 The­Hacker H M www​.google​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M msn​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M adsense​.google​.com​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M hot​mail​.com​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M microsoft​.com​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M news​.google​.com​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H M www​.gmail​.pr Linux mir­ror
2009/​04/​26 Agd_​Scorp H www​.google​.com​.pr Linux mir­ror


Share this content: