Paraguayan ccTLD Hacked, Google.com.py Redirected, Internal Database Leaked 44
MrJones writes "Last February 20th, hackers supposedly from Iran accessed and modified (English) the www.NIC.py database, redirecting www.google.com.py to another site.
The hackers posted the whole NIC.py database containing full names, national ID numbers, street addresses, phone numbers, and more of registrants. This is not the first time (English) that NIC.py, managed by the 2 most respectful Computer Science Universities of Paraguay, was hacked. Since the entire database was released, local white hat hackers were able to calculate how much money NIC.py was making annually (English) by charging $44 US per .py domain.
The local CS community are urging the NIC.py administrators to do all whats possible to protect the .py domain names since the hack was done by exploiting a simple remote code execution vulnerability. If they can modify google.com.py, just imagine what they can do to banks and financial institutions. Maybe Google can helps us."
Maybe it just isn't the best criteria (Score:5, Funny)
"managed by the 2 most respectful Computer Science Universities of Paraguay"
I'm all for politeness but I think something like this should probably be managed by the most respected Universities.
Re: (Score:1)
Maybe Google can helps us with grammar.
Re: (Score:1)
Well, normally, it is editors who can helps us with grammar.
But this is Slashdot... so I guess Google is our only hope.
Re: (Score:1)
Well, normally, it is editors who can helps us with grammar.
But this is Slashdot... so I guess Google is our only hope.
Help me, Larry Page! You're my only hope!
Re: (Score:2)
Where could grammar help be used? The sentence in question is grammatically correct.
Re: (Score:2)
Oh, Paraguay [amazon.com]
Re: (Score:3)
The Paraguayans are lazy about patching their security holes because the weather is so nice.
Hence the "Maybe Google can helps us". Why bother to leave the hammock yourself!
For extra irony points (Score:5, Funny)
I hope it was a vulnerability in their Python code?
Re: For extra irony points (Score:1)
Re: (Score:3)
Re: For extra irony points (Score:4, Funny)
Re: (Score:2)
It's on our to-do list (and has been for a long time), but our to-do list is pretty huge. I'll bring it up again at our next meeting and see when we can find time for it. Sorry I don't have anything more specific for you.
Re: (Score:1)
There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.
Re:For extra irony points (Score:4, Funny)
There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.
The Anaconda don't want none unless you got root access, Hon.
Re: (Score:2)
There are no Pythons genus snakes in South America. The closet you get are the Eunectes, which includes the Anaconda.
The Anaconda don't want none unless you got root access, Hon.
Nice Sir Mix-a-lot. =)
Most respectful? (Score:5, Funny)
the 2 most respectful Computer Science Universities of Paraguay
Respectful is nice. Respected would be better.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The hacker found the password (Score:1)
The admins didn't fool the hacker when they used "passwordo" as root password.
"Last February 20th, (Score:1)
You mean this February then. That was last week, not last year, therefore its misleading to say "last February".
It's not only universities problem (Score:1)
A note (Score:2)
Nothing needs to be hacked to get that same estimate of revenue.
Just download their zone file and multiply by their annual. The zone file even tells you when they were registered and when they're registered until, allowing you to take account of public discounts for registration length.
It's still an upper bound; you don't know what other offers or freebies are in there. But still. It's a better upper bound than the hack ostensibly provides.
Central point of failure (Score:2)