DNS change puts 284 Pakistani websites at mercy of hackers
It seems there's at least one notable case of hacking each week, if not more. Today could be the biggest event of the year in Pakistan, due to a change in the DNS entries for 284 Pakistani domains managed by MarkMonitor.
These aren't small sites feeling the impact. Sites such as Google.pk, eBay.pk, and Microsoft.pk are all affected by the DNS entry changing. At the time of writing, Microsoft and Google's Pakistani sites cannot be reached at all. eBay's page has been defaced, as you can see in the screenshot above.
Feeding it through Google Translate identifies the language as Turkish, so the origins of the attack could be traced down to the country. The translation is mangled, but it still manages to put across its point even if it is awkward to read:
My homies in a friend always there for me
Have not shot by me with every breath
Hello friends who are still alive not dead!"
There may be some information usable within that quote. Trabzon is a city on Turkey's north-eastern coast, famous as being one of the stopping points on the 'Silk Road'. Currently, nobody has come forth to take responsibility for the action, which is somewhat unusual since hackers tend to be quick to celebrate a victory.
Thanks to Neowin user AtriusNY, we also have a better understanding of the final sentence, below "Pakistan Downed". He explains that this is an almost-joking statement, akin to "Greetings to friends. We didn't die, we are still alive".
Interestingly, their penguin image on the eBay page also appears elsewhere. Using a reverse image search on Google, it can also be found on the Bulgarian Red Cross page. The only difference is that the comments about "Pakistan Downed" are not present on the Bulgarian hack.
According to Zone-H, the name "eboz" has been attributed to a number of different hacking attacks dating as far back as 2009.