07 Jan 2014
Tajikistan's Google, Yahoo, Twitter and Amazon domains have been affected by an Iranian hacker who breached the Domain Registrar (domain.tj), according to The Hacker News.
A hacker by the name of Mr.XHat breached the systems of Tajikistan’s Domain Registrar and redirected the visitors of Google, Yahoo, Twitter and Amazon to a defaced page.
“The hacker claimed to have the Root access to Mysql database of the site, where customer passwords are stored in a hashed / encrypted format,” said the article. “To get an access to Twitter/Google's Customer domain panel, he smartly changed the administrative email address of respective accounts to his own email address and proceed with password recovery option.”
The hacker allegedly exploited a Directory Traversal vulnerability to obtain access to the administrator panel.
The “defaced” domains have been recovered by their owners. The Tajikistan Domain Registrar made no comment regarding the incident.