Google Paraguay Hijacked via Hack

Google Paraguay defaced via DNS hijack

An Iranian hacker who uses the online moniker Mormoroth has managed to breach the systems of the Network Information Center of Paraguay ( The attacker used the access to make it look like Google Paraguay ( was defaced.

The hacker hasn’t actually breached any of Google’s systems. Instead, he altered the DNS records for to redirect the site’s visitors to his defacement page.

Mormoroth published a number of screenshots to demonstrate that he had gained access to’s backend systems. He leaked some user credentials and other information stolen from the site’s databases.

In a blog post on, the hacker has explained that he has leveraged a remote code execution (RCE) vulnerability to breach

“By executing simple localroot exploit we are able to gain root access and cp all data on server but that is not necessary, admin have set inappropriate permissions on all directories which made us capable of browsing everywhere and reading any file,” Mormoroth noted.

The hacker says that initially he didn’t want to publish any data stolen from the NIC. However, he decided to leak some information after Paraguayan authorities allegedly said “there wasn’t any hack.”

A cyber security expert told ABC Color that he alerted Paraguay’s National Computing Center of the vulnerability exploited by the Iranian hacker five years ago. However, the organization didn’t respond to his reports and the security hole remained unfixed.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s