PKNIC hacked again; The News, Jang websites among victims
KARACHI: PKNIC has been hacked on Monday morning, affecting websites of The News International and the Daily Jang.
The defacement has been done by changing the DNS records of the websites which are maintained by PKNIC. The PKNIC staff is neither responding on phone nor on emails to the website owners.
اس سے قبل یہ پچھلے سال نومبر کے آخری ہفتے کو بھی ہائی جیک ہو گئی تھی
PKNIC Admits that it was Hacked, Claims to Have Secured the System Now
By Muhammad Ali Raza | 28, Nov 2012
PKNIC, Pakistan’s internet registry that manages top level domains for Pakistan, has admitted that it was hacked this Saturday.
Giving more details on the breach, PKNIC said in a statement that a vulnerability in one of its systems caused a total of four user accounts to be breached on Saturday morning (Pakistan Time), impacting a total of nine DNS records.
Statement further claims that the said vulnerability was resolved successfully and the PKNIC team embarked on a comprehensive review of the whole website over the weekend.
PKNIC has clarified that it does not store credit card or similar financial information in its databases.
Explaining the reason for breach, PKNIC’s executive chairman Ashar Nisar, said:
“An update to strengthen security, particularly regarding attacks of the “SQL injection” kind, a more complex system had been installed. However, it inadvertently left open a vulnerability, under certain obscure conditions and contexts, that was used in the recent attack.
As a result, in addition to a thorough investigation of our entire site and systems, we reverted to the simpler more robust model of filtering out everything unknown, instead of continuing to use the new system that had been tailored to the latest threats using more complicated algorithms.”
PKNIC justified that they aren’t alone who were hacked, in fact websites like Yahoo, Twitter and LinkedIn have been comprimised in the recent past.
A Pakistani hacker had also notified of the vulnerabilities in PKNIC servers that had caused the breach into its servers.
Can take several hours for the bogus DNS records in various domain servers world wide to become stale.
So, Rehman Malik has clones too. IT minister must be another crony of Zardari.
Will there be another minister just for Information Security? IT is a big area now.
Pakistan Cyber Army Warns that PKNIC is Still Vulnerable
By Muhammad Ali Raza | 04, Dec 2012
A security flaw in PKNIC servers, that had caused the redirection of 284 .PK domains, including google.com.pk, to hackers’ server, still exists and is very much there — claims an email sent to ProPakistani by Pakistan Cyber Army.
PKNIC – the entity responsible for managing Pakistani TLDs, i.e. .PK, com.PK and others –had earlier admitted that it was hacked due to a security flaw but had claimed that its system was secured after an intense internal security audit.
Pakistan Cyber Army, a group of elite hackers from Pakistan, tells ProPakistani that it had also warned PKNIC before the hacking on November 9th, 2012 about the flaw.
PCA says that PKNIC never replied to its warning email and was eventually hacked on November 24th, 2012.
Pakistan Cyber Army has now again tested PKNIC servers and identified that its still vulnerable to SQL injection, even after PKNIC has claimed that its system is secure now.
Pakistan Cyber Army said that vulnerabilities in PKNIC were worked out by following PCA members:
A security expert, who wanted to remain unnamed, confirmed ProPakistani about the flaws in PKNIC system and said that PKNIC is vulnerable since 2006.