The official Country Code TLD Registrar for .CY (Cyprus) has been hacked by the hacker going by the alias AnonGuy. The administrators of the website seem to be unaware of the breach because the defacement of the website is still up as of the writing of this article. The file has been uploaded as a PHP format file uploaded as AnonGuy.php.

The breach and defacement by the hacker himself seems to show no motives but only as a mark left on the website stating:

~ AnonGuy Was Here ~

Along with that statement, the PHP formatted file shows a ORACLE database with a list of tables and categories. Most likely being the tables, categories and database titles of the TLD website itself. The defacement can still be seen at http://www.nic.cy/AnonGuy.php. A cached page has been saved by the hacked on Zone-H archive.

Screenshot of the deface page uploaded by AnonGuy on NIC.CY
Screenshot of the deface page uploaded by AnonGuy on NIC.CY

The .cy domain registrar has been hacked twice before this recent attack. Once by the hacker team J0keroo in 2015, and before that by a hacked going by the name of WoH 16 years ago in 2001.

Hackers normally tend to attack these domain registrars to DNS hijack higher profiled websites and domains, with the most likely targets being Google CC (Country Code), government websites, banks and educational institutions. High profiled websites such as those are normally registered with the Country Code TLD registrar. With hijacks such as these, no one is fully ever safe, regardless of the security on your own website, so be sure to be aware of who you register your domains with!

Founder, content creator and writer of The Hack Post. I am an independent cyber security researcher and ethical hacker. I am passionate and committed to educating the world to spread information and expose the threats that exist online. I have a vast span of knowledge and experience in the field of hacking and I’m here to share it all with everyone else.

LEAVE A REPLY

Please enter your comment!
Please enter your name here