As I mentioned in an update of my previous article, google.ro and yahoo.ro were in fact defaced and not hacked. This means that DNS records for yahoo.ro and google.ro were changed with a procedure called DNS poisoning, a technique of DNS Hijacking.
DNS hijacking or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer’s TCP/IPconfiguration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards. (wikipedia.com)
The hijack seems to be TLD related, as google.ro was down not only in Romania, but all over the world.
No official statements were made so far.
- Google Romania (google.ro) was hacked this morning (+2 GMT)
- Far Cry 3: 10 minutes trailer was released