Entree to the Google’s Malaysian site was interrupted on 14th of April (Tuesday), Google stated, with some Malaysian users forwarded to a website stating “Hacked by Bangladeshi Hacker named Tiger-Mate.”
Google has communicated MYNIC (MALAYSIAN domain registrar), the body that handles the website’s domain, to resolve the problem, reported by the Wall Street Journal, refer to a company presenter in Malaysia.
MYNIC is operated by the Malaysian’s ministry of communications and multimedia. MYNIC operate all the websites that ending with the “.my,” revealed by Reuters.
The Wall Street Journal cited the presenter as stating, “We’re aware that some users are having trouble connecting to google.com.my, or are being directed to a different website. We’ve reached out to the organization responsible for managing this domain name and hope to have the issue resolved shortly.”
In January 2015, the Malaysia Airline was hacked similarly, and Cyber Caliphate was found responsible for the hack. That period, the Lizard Squad claimed that it had retrieved private information in the course of the hack, however promises that it would issue the data appeared to go frustrated.
Zeffri Yusof (Chief of Google Malaysia’s corporate and communication) said the Malaysian website has not been hacked, also the hack was likely a recap of the domain name system (DNS) hack that had happened at least two times before, reported by Malay Mail Online.
Hasnul Fadhly Hasan chief executive officer stated, “Our initial investigations found that the redirections were done through unauthorized modifications at the DNS level”.
He added, “Our team is now taking all necessary measures to monitor the situation and prevent further issues. We can assure that customer data was not affected by [the] incident. As part of our ongoing efforts to safeguard domain names and improve the security, we have introduced a second layer of identity verification called Two-Factor Authentication (2FA). This will ensure only the right authorized person is receiving the access code and able to change domain name records. Moving forward, we’re also looking to further enhance other layers of DNS validation to ensure end-to-end protection”.