Google.ie and Yahoo.ie hijacked, Yesterday for a brief period of time Google and Yahoo both had services hijacked on their Irish domain name services, Google.ie and Yahoo.ie both had there sites redirected to another website and services relating to mail, maps etc were down for a period of time.
Registry records for the google.ie domain show that all traffic to that domain is ordinarily processed and redirected by so-called ‘name servers’ run by Google itself – in this case, ns1.google.com.
For a period earlier today, however, those records were changed so that traffic was sent to be redistributed by an Indonesian-registered site, farahatz.net. That site has now been taken offline, but it is not known whether the site could have been created with malicious intent.
The records were changed again by mid-afternoon, but delays in those changes being updated may mean that some visitors could still have difficulty accessing Google.ie for several hours.
The move also means that some other services reliant on the google.ie domain name, such as the Irish-specialised version of Google Maps (maps.google.ie).
The names of the administrators attached to the google.ie domain did not change during the incident – suggesting that the records may have been changed as a result of so-called ‘social engineering’, where an unauthorised person adopts fake credentials and encourages others to make the appropriate changes.
According to several sources reporting the story today the following statements have been made below.
The IE Domain Registry, which administers Ireland’s .ie Internet code, said in a statement that visitors to two high-profile Irish sites were redirected to “allegedly fraudulent addresses” on Tuesday. The registry didn’t identify the sites by name, but Irish Internet users flooded the Web with complaints about www.google.ie and www.yahoo.ie .
Google said in a statement that some users might be having trouble accessing its Irish site and said it was working to fix the problem. Yahoo did not immediately return several messages seeking comment.
San Francisco-based MarkMonitor, the registrar responsible for both addresses, blamed lax standards at the Irish registry level for the incident. That was a sentiment backed by Michele Neylon, the chief executive of Ireland’s Blacknight Web hosting company.
“It wouldn’t be that hard to hijack a high-profile .ie domain name,” he said in a telephone interview. “What happened today could’ve been a lot worse and could happen to any number of big names.”
You can read more about this story here