New Zealand websites hijacked

Turkish hackers have managed to break into New Zealand domain registrar Domainz.net, redirecting unsuspecting surfers to defaced versions of popular websites by changing DNS records.

Websites such as www.hsbc.co.nz, www.sony.co.nz, coca-cola.co.nz, www.xerox.co.nz, www.msn.co.nz, www.microsoft.co.nz and hotmail.co.nz as well as security vendors www.f-secure.co.nz and www.bitdefender.co.nz had their traffic redirected to third party servers containing a defaced page after hackers took advantage of an SQL Injection attack.

Microsoft New Zealand website hack

In the case of the Microsoft site, the usual webpage was replaced with an image of Bill Gates being on the receiving end of a custard pie. (Funnily enough, this isn’t the first time the image has been used by hackers.)

Sign up to our free newsletter.
Security news, advice, and tips.

The hackers responsible for the attack are believed to members of the Turkish “Peace Crew” defacement gang.

You can’t help but feel sorry for the innocent companies affected by this attack. It’s not as though they did anything wrong in terms of security – the attack was against the domain registrar looking after their internet records. Rival domain registrars would be wise not to feel too smug at Domainz.net’s misfortune, but asking themselves urgently if they might be vulnerable to similar attacks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.