Whilst Google themselves have said that their services in Romania were not hacked there have been many claims that their web services were being redirected to another website, with a message from an ‘Algerian hacker’ for a while. Other users could apparently access the site as normal.
According to TechCrunch the Romanian Google domain was defaced by an Algerian hacker using the handle of MCA-CRB:
The text on the hacked site reads: “By MCA-CRB / Algerian Hacker” and gives credit to three names, “all members Sec” — so perhaps in one of the many loose groups of hackers that associate themselves with Anonymous and LulzSec. “S thanks = Mr-AdeL & i-Hmx & Lagripe-Dz All Members Sec,” the page reads.
Additionally, ThreatPost have today posted that Yahoo and PayPal in Romania may have also been defaced today:
The home pages of Google, Yahoo and some other high-value sites in Romania were defaced on Wednesday, possibly through a DNS poisoning attack, and visitors were redirected to a page on which an attacker who says he’s from Algeria claimed responsibility for the hack. Researchers said that while a DNS attack is the most likely scenario, it’s not clear where the attack took place.
If any of you reading this are from Romania perhaps you could comment as to your own experiences with any of these sites this morning…