Google Bangladesh Defaced; but don’t get too excited

On January 8th of 2011, a large number of people who tried to access Google Bangladesh
( http://www.google.com.bd) between 7:24pm to 10:30pm were baffled by what they saw. The browser shrunk and started dancing around the desktop only to be restored to full screen size with a message ” Google Bangladesh OwN3D by TiGER-M@TE” instead of the localized version of the ordinary Google home page. The whole package was neatly wrapped up with a rap song playing in the background the lyrics to which were something like “This joint is dedicated to all the hackers and the crackers, yo!”

Bdnews24.com reported the incident as “hacking” and all the computer geeks in local online forum went viral with the news. Pradip Dey, the chief technical officer of a leading ISP confirmed the “hack”, saying, “The site has definitely been hacked”

Nevertheless, it seems like only a subset of users see the defaced landing page, while others report that they can visit and use the search engine without any hiccups. The only people who could actually see the defaced page were the subscribers of small local ISP’s. Qubee and Banglalion and other wireless subscribers were reported being able to access the Google Bangladesh page without being rebounded to the defaced page. For people visiting Google Bangladesh from abroad, it worked perfectly without any defacement. So whether the page was actually hacked is debatable. Nevertheless, it didn’t stop the local hacking community from going bonkers over the incident. Common reactions from local hackers were along the lines of: “Wow never thought it would happen.” and “Never thought anyone would actually accomplish this. Kudos to whomever this guy is.”

Shortly after the incident, Google put a huge damper on the geek celebrations by confirming that the defacement was not a result of “hacking” but DNS registry issues in Bangladesh. The official statement from Google on the subject is “Google Bangladesh has not been hacked. Apparently this is actually a Bangladeshi DNS registry issue that caused users going to google.com.bd and other web addresses to be redirected to another site. The issue is now resolved but may not clear for a while because of cache issues.”

Obviously the official statement from Google wasn’t as publicized as the defacement, since the leading internet experts of the country along with BTCL claiming that Google was hacked instead, conveniently glossing over the DNS registry issues at BTCL. A local hacker who wishes to remain anonymous had this to say on the subject “Of course Google wasn’t hacked! Their servers are located in the Virginia, US. They have super-computers checking every single bit of data entering their systems. How do you expect to hack such a thing? Google isn’t stupid. It was the weakness of the BTCL that allowed hackers to attack the DNS records.”

The hacker responsible for the defacement calling himself TiGER-M@TE still remains at large. Although he didn’t actually hack Google, hacking the DNS records is no meant feat and still pretty impressive. The same person aka TiGER-M@TE is also responsible for defacing several other high profile websites like Microsoft, HSBC, and Yahoo. All of them containing the domain “.bd”, meaning all of them were local versions of the international websites and were defaced the same way, by messing with the DNS records. The full list of websites hacked and defaced by TiGER-M@TE can be viewed here: http://www.zone-h.org/archive/notifier=TiGER-M@TE

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s