A Turkish group, Eboz is thought to be responsible for hacking 285 Pakistani websites with the .pk domain over the weekend, and defacing them. The list of affected sites included some major names, such as Google, Microsoft, PayPal, Ebay, Blogspot, Apple, Chrome and Cisco.
Service to most of the 285 sites has been restored. Users logging onto the sites first reported the defacement on Saturday, saying they were being redirected to freehostia.com. The attack is thought to be carried out by changing the DNS entries of the .pk domains, exploiting a security flaw in the local domain registrar, PKNIC.
According to reports, all the defaced sites were managed by MarkMonitor, a Thomson-Reuters subsidiary based out of San Francisco. One of the hackers responsible, reportedly identified as KriptekS, has been associated with numerous defacements in recent times, with the group Eboz thought to be active since 2007.
The affected sites were defaced with the English words “Pakistan Downed,” accompanied by a picture of a penguin, and a few cryptic Turkish phrases: “eboz. My homies in a friend always there for me. Have not shot by me with every breath."