3 min read

Lizard Squad disrupts Google in Vietnam to promote DDoS-for-hire service

Graham CLULEY

February 24, 2015

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Lizard Squad disrupts Google in Vietnam to promote DDoS-for-hire service

The notorious Lizard Squad hacking gang has claimed another scalp, having successfully disrupted Google’s internet presence in Vietnam.

Visitors to google.com.vn saw the following message and image rather than the normal cheerful familiar Google search box:

google-lizard-squad

“Hacked by Lizard Squad, greetz from antichrist, Brian Krebs, sp3c, Komodo, ryan, HTP & Rory Andrew Godfrey (holding it down in Texas)”

The message went on to encourage visitors to follow the Lizard Squad on Twitter, and to buy denial-of-service attacks from their LizardStresser website.

At first you might imagine that Google’s Vietnam website has been defaced, but that’s not quite correct.

You see, even though you have visited google.com.vn, Google own servers serving pages to people in Vietnam have not been hacked. Instead, this is a case of DNS-poisoning.

To make an analogy, DNS (Domain Name System) is the telephone book of the internet. You see, when you type in the name of a website like microsoft.com, bankofamerica.com or hotforsecurity.com, your computer has to look up that meaningful name in a database in order to convert it into a specific numeric IP address, understood by computers.

If we didn’t have DNS databases you wouldn’t be able to type in the name of a website in order to visit it – you would have to remember specific numbers – such as 37.59.67.147 – instead. Clearly, that would be a nightmare.

But things can go badly wrong if an attacker manages to change the DNS record for a particular website, redirecting – in this case – Google’s Vietnam website to an IP address under the control of malicious hackers.

And that appears to have been what has happened here. Clearly, whoever was responsible for securing the DNS entry for google.com.vn wasn’t doing such a great job at it, the Lizard Squad hackers were able to gain access, and redirect all of that traffic to a webpage under their control, promoting their DDoS-for-hire service.

Of course, the Lizard Squad gang wanted to be sure that people outside Vietnam knew what they had done – so they tweeted about it..

lizard-tweet

I suppose we should all be grateful that Lizard Squad appears to be more motivated by mischief than anything else, as it would have been simple for them to have incorporated a malicious script on the page designed to infect any visiting computer with a drive-by download.

We would be foolish to think, however, that the LizardSquad gang are criminal geniuses and experts at security themselves. Just last month, security blogger Brian Krebs reported that the gang’s LizardStresser DDoS-on-demand service, which users thousands of hacked residential internet routers to bombard sites with unwanted traffic, was itself compromised, and details of over 14,000 users passed to the authorities.

It transpires that Lizard Squad failed to encrypts its registered user database, and stored usernames and passwords in plaintext.

In other words, we’re all human. And we’re all capable of making mistakes. Clearly, in this instance, Google Vietnam was caught napping.

Rather than other online companies laugh at Google’s expense, we should all take a long hard look at our own security and ask if determined hackers could wreak similar mischief on our own web properties.

Remember this is unlikely to be the last we’ll hear of Lizard Squad, and it certainly won’t be the last time that hackers hijack DNS records to redirect a popular website to one of their own choosing.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read