The official Country Code TLD Registrar for .CY (Cyprus) has been hacked by the hacker going by the alias AnonGuy. The administrators of the website seem to be unaware of the breach because the defacement of the website is still up as of the writing of this article. The file has been uploaded as a PHP format file uploaded as AnonGuy.php.
The breach and defacement by the hacker himself seems to show no motives but only as a mark left on the website stating:
~ AnonGuy Was Here ~
Along with that statement, the PHP formatted file shows a ORACLE database with a list of tables and categories. Most likely being the tables, categories and database titles of the TLD website itself. The defacement can still be seen at http://www.nic.cy/AnonGuy.php. A cached page has been saved by the hacked on Zone-H archive.
The .cy domain registrar has been hacked twice before this recent attack. Once by the hacker team J0keroo in 2015, and before that by a hacked going by the name of WoH 16 years ago in 2001.
Hackers normally tend to attack these domain registrars to DNS hijack higher profiled websites and domains, with the most likely targets being Google CC (Country Code), government websites, banks and educational institutions. High profiled websites such as those are normally registered with the Country Code TLD registrar. With hijacks such as these, no one is fully ever safe, regardless of the security on your own website, so be sure to be aware of who you register your domains with!
Leave a Reply