TODAY’S PAPER | September 18, 2025 | EPAPER

Pakistani hackers reveal why Google, other websites were defaced

Hackers cite vulnerabilities in server of PKNIC - that manages domains for Pakistan - as reason.


Creative Essa Malik/web Desk November 26, 2012 1 min read

A group of hackers from Pakistan revealed vulnerabilities with PKNIC – which manages domains for Pakistan including .com, .pk and org.pk – which led to the defacement of websites including Google’s Pakistan page earlier.

The group claims to be the “watchdog” of the Pakistani cyberspace and reportedly monitors websites to make sure they keep functioning smoothly.

Members of the group, Khanisgr8, Net_Spy, Xpired, Sho0ter and N3t.Crack3r, in an email sent to ProPakistani revealed that hundreds of .pk domains, including google.com.pk, msn.com.pk and other domains for top global brands were defaced on Saturday due to security flaws with the PKNIC system.



Photo: Screenshot on ProPakistani

The group pointed out that the defacement took place because the PKNIC servers were vulnerable to Boolean-based blind SQL injection, time-based blind SQL injection, cross-site scripting and sensitive directory disclosure.

The members provided ProPakistani with complete parameters and proofs of vulnerability, which according to experts, were valid. The security experts told ProPakistani that PKNIC has been vulnerable for a long time.

Earlier, a hacker named eBoz, had re-routed around 284 .pk domains from their servers to a hosting account allegedly owned by himself, by penetrating and re-configuring the DNS and name servers of these domain names.

COMMENTS (10)

Rank Auora | 5 days ago | Reply This article highlights a critical issue that s often overlooked the security of domain-level infrastructure like PKNIC. When platforms managing top-level domains are vulnerable to attacks such as SQL injection or cross-site scripting it puts thousands of Pakistani businesses at risk regardless of how secure their own websites are. At Tricasol we emphasize not only building robust websites but also conducting regular security audits DNS monitoring and penetration testing. Cybersecurity is no longer optional it must be a core part of every digital strategy. Thanks to the Tribune team for bringing such an important issue into the spotlight. More awareness around these threats will push both service providers and businesses toward stronger safer web practices. Learn more about our approach at tricasol.com
replica watches | 12 years ago | Reply Brilliant post, nicely done. And thanks for mentioning all that info ¨C you have introduced to me to three new blogs and I love them all! Cheers
VIEW MORE COMMENTS
Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ