Reports and messages left allegedly by the hacker, [email protected], suggest the popular hacker this time around teamed up with another only known as h311 c0d3 for an extensive hacking and defacement campaign which seems to have mainly targeted Malawi domain registry.
Zone-H records show that the two hackers managed to deface Malawi Google, Malawi Yahoo and Malawi MSN.
Going through the Zone-H records also shows many more websites which were defaced by the two hackers during the said campaign.
Reports suggest they hacked into the Malawi - .mw – Domain Registrar website, targeted master and slave DNS servers and further used a DNS poisoning attack to target top domains.
As part of the DNS poisoning attack they are alleged to have changed the DNS records for the affected domains. This resulted in the domain names being pointed to their own web server which had the defaced page.
The Malawi Domain Registrar has since fixed this with the relevant websites now resolving as they should.
Mirror records of the defacements can be found on Zone-H here for both hackers: [email protected] and h311 c0d3.