A hacker was able to get into the domain handler of high ranking Romanian websites, including Google.ro and Yahoo.ro, and redirect visitors to a defacement page.
After some analysis, security officials found this was a case of DNS poisoning and was the result of a breach that affected RoTLD, which is the handler of Romania’s top level domains.
The attack against their .ro domain administration server took place on the night between November 27 and 28, the company said.
The attackers modified the name servers of several popular domains to redirect their visitors to an arbitrary webpage, the company said in a statement. The company took immediate measures to prevent future incidents.
The security breach is currently under investigation. The investigation’s results will be available in the upcoming days, the company said.
RoTLD claims that DNS servers did not suffer any issues and no financial information is on the affected machines.