Iranian hackers have successfully hacked and defaced several Turkmenistan sites including Youtube.tm, Gmail.tm, Yahoo.tm and several others. Users from that region who have attempted to access such sites have been greeted with a message much like the one below:
The hackers achieved their objectives via nic.tm who administer the .tm top level domains.
Defaced mirrors can be seen here –>
and Gmail mirror here –>
Hackers leak the data of NIC too
The total data leak can be found here –>
The hackers have also allegedly gained access to all the sites’ credentials via a MySQL injection bug and have apparently changed DNS records too:
In a independent project we decided to penetrate some important sites and today we wanna share a small part of what have we done. Today we are proudly announce about nic.tm here, it has a vulnerable application which is prone to a MySQL injection bug. It was a big lead for us to having all sites credentials…
…We also can indicate to another security imperfection, in the panel, if you want to change the DNS of a domain, A confirmation e-mail is also sent to handler’s email which can be changed to attacker’s mail address. The following domains were defaced for POC:
Have a nice hacking, be safe.