French?
Not sure that's Frenc h French. Canadian hackers, perhaps? Have Tata pissed off the Parti Quebecois recently?
Cheeky French hackers hijack Tata website
Top flight outsourcing firm Tata Consulting Services appeared to have lost control of its website to hackers today, with the domain apparently being touted for sale. The Washington Post reported that the site had fallen prey to a DNS hijack over the weekend. A report in Times of India this morning said that hackers had changed …
This topic is closed for new posts.
The title is required, and must contain letters and/or digits.
Not sure that's English English, American hackers perhaps?! :o)
Wonderful
I'm so glad the Bean Counter IT monkeys, sorry Directors, decided to outsource most of our development to such a fantastic opertation.
Considering that they provide call center services...
Did they end up calling themselves for tech support?
@tim48
If they did, would some kind of telephonic space-time paradox occur and they plunge into an endless 1st-line support loop?
One can but hope.
R.
@JohnG and, oh, and @UK.gov
John,
that joke was singularly bad. Keep it up. Obvious jokes are clearly flavour of the month - MPs being prosecuted for taking money they haven't earned, Jack Straw being the deciding factor in the Iraq invasion, the existence of AManFromMars and Matt B, etc. Oh, and my browser's spell checker deciding that the correctly-spelled flavour is a spelling mistake. Why doesn't someone teach these people English :)
Au revoir.
Oh, and TataFN.
Still borked
10am Vancouver.. and it's still borked for me.
Nice to see they have a top notch team handling it.
Tech Writing Fail
So The Reg no longer bothers to know about simple things like DNS propagation taking time because of caching?
tcs.com was NOT hacked....
please guys, I expected better from you lot...
[Disclaimer: I'm an employee of TCS, though naturally I'm posting this in my personal capacity]
tcs.com was NOT hacked yesterday. What did happen was that the DNS records that supply the IP were reset to some other IP.
Whether that was done by actually hacking netsol or by social engineering a valid change request I do not know.
I know the site was fine because going through the internal DNS got me the correct IP address and the correct content.
I believe the problem started sometime before 1am IST [this is a wild guess, from other symptoms; don't ask, heh heh!], and was resolved around noon or so [this guess is more accurate because I was semi-actively monitoring it].
In both instances, it would have taken a few hours for the bad data to expire from DNS caches. Depending on who your DNS provider is, you may have seen it "come back" at different times. If you were running your own DNS, you could have purged your DNS cache manually and would know more accurately when it came back.
At this point in time I am still receiving reports of other DNS servers still showing the bad data. Just tell them to purge their DNS caches if you know them, or switch to openDNS. They've got the right stuff, and have had it a lot longer than the chocolate factory's DNS :)
"fix had not taken"
just run "dig +trace www.tcs.com"
If you're piggy-backing on someone else's DNS, like your ISP or openDNS or the chocolate factory, and you get a different answer than 216.15.200.140, you know what to do.
But actually, if you aren't running your own DNS, and didn't flush your caches as soon as you heard this, you shouldn't even be commenting on the issue.
"still see the bad page" ==> **reporting** on the issue
"fix had not taken" ==> **commenting** on the issue
[Same disclaimer applies as in previous comment]
<title/>
"However, as of half three today, from where we were sitting the site was still showing the "for sale" notice, in both French and English, suggesting Tata's fix had not taken."
Or suggests that you're using a DNS server that has a cached copy of the compromised records which haven't expired yet.
it's the DNS stupid
the correction is probably still propagating.
Brain drain
Tata should outsource its site to some competent firm?
Tsk, Tsk
If they HAD to go through the trouble of stealing the DNS, they could have at least had more fun with the name "Tata Consulting."
Today's "hackers" have no style.
<--- Tata Consultant Extraordinaire
They are probably...
...furiously watching The IT Crowd, having already:
a) turned it off and on again
b) checked to see if it was plugged in
c) checked to see if Richmond has been buggering around in the machine room again
It can't have been Richmond.....
......as he's got Scurvy :-)
abed_uk
http://www.xav.com/scripts/axs/whois.pl?a=lh.org
Listed as contact in that whois too...
This topic is closed for new posts.
Sign up, sign up for The Register's weekly IT security newsletter - click here
Popular Whitepapers
- The BI Inflexion Point
Information is a right, not a privilege - VPN security - if you want it, come and get it
Attention WiFi hotspotters: You want it - The Register Guide to iSCSI
A primer on Internet SCSI, a protocol to transport SCSI commands over IP - Secure Mobile Working
Beyond the Technology - The Impact of IT Security Attitudes
Putting the pieces in place for effective security delivery - The Register guide to unified communications
A primer on the implications of unified communications for enterprise IT
