Google Malaysia Hacked and Defaced by Bangladeshi Hackers

Google Malaysia was hacked and defaced in the early hours Tuesday, redirecting all Google visitors to the hackers deface page.

In what appears to be a case of DNS hijacking, Bangladeshi/(Bengali)-based hackers hijacked the Google Malaysia domain DNS redirecting the page and visitors to a black page claiming Google had been “hacked.”

The hackers deface page boasted that Google Malaysia had been hacked by a “Bangladeshi hacker,” running under the alias “TiGER-M@te.” The hacker gave no reasoning or motive behind the attack on Google Malaysia.

During the early hours, Google Malaysia had fixed the deface page at a rather fast rate, but many Malaysian Internet users reported the deface page was still active for a number of local visitors.

A representative for Google said the attack was likely targeted at the Domain Name System (DNS). The Google Malaysia corporate and communication chief, Zeffri Yusof, said that the Google domain had not been compromised, and the incident was likely a copycat attack of an earlier DNS hijacking incident Google Malaysia has faced twice before.

Back in October, 2013, a Pakistani-based hacker group known as the MadLeets 1337 had initiated a similar attack against Google Malysia, hijacking the DNS and redirecting all users to a custom deface page.

“I do not think it is hack, it is more likely to be DNS redirection. This happened, if you remember, back in 2011 and 2013. So, it is quite a regular occurrence,” Zeffri said, speaking on the recent DNS issue. Zeffri continued, stating the incident is under investigation and the company is awaiting a report from their domain registrar, MyNIC Berhad.

MyNIC Berhard did not reply for comment regarding the recent Google Malaysia hack.

As soon as Google responded to the incident, the team urgently warned users on Twitter that the domain had been under attack and was serving a redirection. The company asked visitors to visit Google.com/ncr until the Google Malaysia domain was fixed.

A number of local Malaysian internet users reported seeing the deface page on google.com.my, continuing to urge others to visit Google.com/ncr in the meantime.

Though Google Malaysia hack cleaned up the mess rather quickly, the official deface page can be viewed on Zone-H, an archive of defaced websites. According to Zone-H, TiGER-M@TE also claims they defaced yahoo.com.my, translate.google.com.my, and youtube.my during the most recent Google attack, however, the attacks were not confirmed by Google nor local Malaysian users.