| 07/02/2010 |
|
|
 |
|
TCS Hacked! If you visit the Tata Consultancy Services (TCS) website tcs.com right now, the top Indian tech company’s site has been hacked and a “For Sale” sign is displayed on the site with a notice that the tcs.com domain name is for sale. It points out prospective domain name buyers to a contact email address.
Tata Consultancy Services Limited (TCS) is the top software services and consulting company in India and is the largest provider of information technology and business process outsourcing services in India. TCS is a subsidiary of one of India’s largest and oldest conglomerates, the Tata Group.
It is unbelievable that some hacker could easily hack into one of the most secure websites of the top technology company in India. Its a Sunday evening here in India and I wonder if someone at TCS is looking into it…
Update: Aditya says this is a DNS hack because the page opens well with anonymous proxy surfing tools.
and then an TCS employee commented on his blog that
tcs.com was not hacked. What did happen was that the DNS records that supply the IP were reset to some other IP. Whether that was done by actually hacking tracom/netsol or by social engineering a valid change request I do not know. I know the site was fine because going through the internal DNS got me the correct IP address and the correct content. I believe the problem started sometime before 1am IST [this is a wild guess, from other symptoms], and was resolved around noon or so [this guess is more accurate because I was semi-actively monitoring it].
In both instances, it would have taken a few hours for the bad data to expire from DNS caches. Depending on who your DNS provider is, you may have seen it “come back” at different times. If you were running your own DNS, you could have purged your DNS cache manually and would know more accurately when it came back (or just run a “dig +trace” at 10-minute intervals looking for the right IP to come back)
MoneyLife adds that
The Internet Protocol (IP) address of TCS’s website is 216.15.200.140. However, the hackers changed it to 205.178.152.154, re-pointing the name server (NS) records of the company’s website which may have been done by breaking into the NS or the registrar account, said a cyber-security expert …
… Incidentally, the changed domain ID, 205.178.152.154, shows the ISP name as Network Solutions LLC, which is the registrar of tcs.com as well. So primarily, it appears that someone might have entered into TCS’s registrar account; possible using a compromised password, added another expert.
| Like this article? |
|
Write a guest article - Get free links, SEO, traffic, readers for your site. 250+ guest bloggers cant be wrong! Join the team.
RSS
Twitter
Facebook
Its not the tcs.com that is being hacked rather DNS server that you are using,like google dns ..change the dns server to
that of opendns .
208.67.222.222 or 208.67.222.220
and it will open fine
I am using Google Public DNS and it seems OpenDNS has won this round.
i am able to view the TCS website content.
Recently Cyber attack is very much increased..
Google was attacked in china..
Now TCS also attacked….
Very Good what next….
looks like a DNS attack , TCS Information Security Team should perform a penetration testing asap .
Funny really funny.
Google the word DNS and check. The useless DNS what you are using might even redirect google.com to some other explicit sites. Lolz.
Be sure to check twice before publishing any false news.
Well this is not false news as hundreds of blogs and media are reporting the same. Anyway the updates confirm it was a DNS hack.
I am using Google Public DNS and I am sure it is very reliable. But OpenDNS users have not seen this errors, so thats a feather in their cap over Google.
Works fine for me with Open dns
I have been trying to track the hacker real hard…
but due to recession my trip to Europe for catching the hacker is being delayed.
I hope he escapes to US before i reach Europe so that i can go to US also..
But i know ultimately , the hacker will be from India, so i’ll have to come back to catch him. :(
nice story,dns may have hacked in this scenario