Slashdot Mirror

← Back to Stories (view on slashdot.org)

Paraguayan ccTLD Hacked, Google.com.py Redirected, Internal Database Leaked

Posted by Unknown on from the security-audits-who-needs-em dept.

MrJones writes "Last February 20th, hackers supposedly from Iran accessed and modified (English) the www.NIC.py database, redirecting www.google.com.py to another site. The hackers posted the whole NIC.py database containing full names, national ID numbers, street addresses, phone numbers, and more of registrants. This is not the first time (English) that NIC.py, managed by the 2 most respectful Computer Science Universities of Paraguay, was hacked. Since the entire database was released, local white hat hackers were able to calculate how much money NIC.py was making annually (English) by charging $44 US per .py domain. The local CS community are urging the NIC.py administrators to do all whats possible to protect the .py domain names since the hack was done by exploiting a simple remote code execution vulnerability. If they can modify google.com.py, just imagine what they can do to banks and financial institutions. Maybe Google can helps us."

7 of 44 comments (clear)

  1. Maybe it just isn't the best criteria by Anonymous Coward · · Score: 5, Funny

    "managed by the 2 most respectful Computer Science Universities of Paraguay"

    I'm all for politeness but I think something like this should probably be managed by the most respected Universities.

  2. Re:not incompetent, just lazy! by Chrisq · · Score: 2

    The Paraguayans are lazy about patching their security holes because the weather is so nice.

    Hence the "Maybe Google can helps us". Why bother to leave the hammock yourself!

  3. For extra irony points by Arancaytar · · Score: 5, Funny

    I hope it was a vulnerability in their Python code?

    1. Re:For extra irony points by Fear+the+Clam · · Score: 3, Funny

      There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.

      The Anaconda don't want none unless you got root access, Hon.

    2. Re: For extra irony points by jones_supa · · Score: 2

      Anyone reading this at Dice...can you at least finally add the Unicode support to the Beta?

    3. Re: For extra irony points by Cryacin · · Score: 3, Funny

      No Dice.

      --
      Science advances one funeral at a time- Max Planck
  4. Most respectful? by wonkey_monkey · · Score: 4, Funny

    the 2 most respectful Computer Science Universities of Paraguay

    Respectful is nice. Respected would be better.

    --
    systemd is Roko's Basilisk.