A group of Hacktivists poisoned the DNS records of several Sri Lankans (.lk) websites on Saturday and redirected users to a web page with details of social issues affecting local people.
While most of the domains affected were local business websites and news sites, the two top-level domains Google.lk and Oracle.lk, were also affected on Saturday.
Hacktivists redirected Google.lk for a few hours before the authorities intervened. The message highlights issues such as the local tea sector, media freedom, the corrupt political system and the judiciary, and racial, minor, and religious matters.
On Saturday, February 6, the attack took place just two days after Sri Lanka’s official independence day, February 4, which conveyed a national message.
Authorities said they found the attack just hours after it started and stopped it on Saturday.
NIC.lk, the country’s top-level LK domain manager in the country, confirmed the attack on Saturday in a message posted on its website.
“The issue of the LK Domain Registration System came up early on Saturday, February 6, affecting a few domains registered in .LK,” the organization said. “The matter was immediately resolved, and the matter was settled at 8:30 a.m.”
The Telecommunications Regulatory Commission of Sri Lanka has also confirmed the incident in a tweet on its account.
Details about the attack and the number of domains affected were not disclosed.
The attack went unnoticed in Sri Lanka, and several users posted on Twitter over the weekend, even though the incident lasted only a few hours.
This is the second cyber-security incident affecting the NIC.lk organization. In 2013, hackers used SQL injection software to break its database and steal data about .lk domain owners.