Blog Post

Google (NOT) Hacked? Just A DNS Glitch says Google

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Recap: 6:13PM PST: Google was not hacked, but instead had a DNS problem. For some readers the site was redirecting to the SoGoSearch page. That continues to fox me, and I plan to investigate further. All services have been restored. I find it amazing: Google is now as integrated in our lives as a phone company, or heaven forbid, TV networks. Multiple experts say that the screen grab I got was result of broswers not being able to resolve to Google.com, and instead stumbled upon google.com.net (com.net is the SoGoSearch website, and they have a wildcard match). Once Google’s DNS was restored, browsers stopped the appending, and started functioning normally.

Update #6: Yet another screen shot And another one, plus looks like someone swiped the domain name. Larry Magid was on the local CBS radio talking about the Google’s great vanishing trick.

Update #5: Everything back to normal. All Google services are working. Though as an aside, Google has reached the full capacity for its Web Accelerator Beta.

Update # 4: More from Mr. Krane of Google: BTW, this was not the result of a hack or any kind of security issue. “Yes, it was a DNS issue. We’re seeing things as fully restored as of more than 30 min. ago. You’re the first to send such a screen shot and report this kind of issue. I’ll bounce it to the tech staff and will keep you posted.” I got another screenshot which was as of 5.08 PM PST. Not sure if I am having this problem in specific or others noticing the same issue. I use comcast as broadband provider. Any updates people?

Update #3: David Krane, the big cheese @ Google PR wrote back a few seconds ago and had this to add, “Google’s global properties were unavailable for a short period of time earlier today. We’ve remedied the problem and access to Google has been restored worldwide.”

Update #2: Some people are saying in the comments here and over at Engadget, that Google might have been in middle of a DNS software switch. I still can’t believe that a strange image would just show up there.

Update #1: Some people say they have it back, but I am still having trouble logging in to my Gmail. And still not getting Google homepage. I have left voice mail and sent emails to Google’s PR people and their hotline. Not sure, what’s going on precisely but will be on the story.

google hacked

03.11 PM, PST: Looks like we are having a Google outage – apparently someone has hijacked their Domain, and something called SoGoSearch is showing up instead. GMail was down as well. Google ads are not being served up as well. Am I the only one, or did you guys feel the webquake as well? Man if this is a hack, then we now know nothing – not even god, I mean Google is safe! Is this someone’s idea of teaching them a lesson? Or has the Web Accelerator shown its true colors? Lots of unanswered questions. Here is a screen grab by the way!

186 Responses to “Google (NOT) Hacked? Just A DNS Glitch says Google”

  1. I haven’t been able to access Gmail homepage, Hello download page, Yahoo sign-in page, Hotmail sign-in page, eBay sign-in, etc., for two weeks now despite following every “fix” out there. Just goes to a DNS error page. Still can backdoor onto Yahoo by signing in on the Photos link. I wish someone could fix this…

  2. El O'Neill

    Google via IP address works today, but for us (apparently just us), am getting either:
    Index of /

    Name Last modified Size Description

    [DIR] Parent Directory 21-Dec-2005 15:05 –
    [DIR] cgi-bin/ 21-Dec-2005 14:20 –

    Apache/1.3.34 Server at http://www.google.com Port 80
    —————————–
    …or getting a web hosting company apparently called “computersteroids” (when typing in “groups-beta.google.com”). Whose DNS files are bad and whose are good?

  3. Hey people,

    this is not due to any hack or something. This is just child name servers created at the Registry.

    When you query internic’s servers for the whoisof the domain name, internic performs a domain.com.* query and that is the reason this thing shows up. You can check the same for hotmail.com, yahoo.com.

    Ifyou have a domain namme abc.com you can go ahead and register a child name servers which says google.com.i.dont.own.that.abc.com and this should also show up in the whois search of google.com. So just a wrong way to query used by Internic servers!

    Hope this was a little helpful to you guys.

    PJ
    http://www.pratikj.info
    http://www.port43whois.com

  4. I didn’t get the SOGO page. Yesterday a couple of friend and I discovered it at about 4:10 CST. The Source code was not at all like it should be. It was asking you to type in the code that displayed in the “picture.” No javascript however was present in the source code. The image search, new, etc worked fine. It just effected the search page. It said something to the affect of ” your computer has been infected etc.” If that were so and Google had made this page, then it would not be like this on every computer in our server room, and also the prompt would come up in the image search as well.

    I think that we were one of the first to discover this, because we went to every single forum (geek forums) but nothing was reported. Anyways has this affected any one else.

  5. HELP!
    My google is different, you can’t do image search, or any of the others, and the number of pages is different and it looks a bit strange. Their is no “im feeling lucky”. It hink someone HACKED MY GOOGLE

  6. Hi all,
    this is off-topic … I have met a serious problem: when looking for ANYTHING searching in http://www.google.com, I obtain the ONLY reference to ncc.sex-explorer.com. How can I get rid of this property?
    Interesting is, that when trying e.g. http://www.google.sk, I have no problems.
    If anyone knows, where is the problem, please, send me a mail.

  7. 6-4-2005. 1PM PST. Gmail is down. Server Error (500)

    So are we seeing the first cracks in the zillion of cheap servers technical approach?

    I believe one or more competing SE/portals use specialized storage with dual parity RAID (“RAID DP”) to ensure data availability (treating customer data like a Fortune 500 compnay treats its corporate records)

    Or is this another DNS issue?

    I imagine the zillion-cheap-server-grid is pretty darn complex.

    Anyway, don’t bother to e-mail (gmail) me until it’s back up!

  8. Thomas Collins

    As of 07:28 EST google.com is still not reachable via domain name.
    Using the URl I am presented with the Firefox logo and nothing esle on the page. Yes I can get to google using one of it’s ip addresses.
    DNS problem still in effect?

  9. The logo is still in the window because Safari/Firefox tends to be a bit slow in updating icons. They don’t always look at the icon apparently. It is not a faked image, people, it is a simple bug in Firefox/Safari that I’ve experienced since 0.8 ;)

    By the way – I doubt Microsoft feels Google is a threat to them. Google is a search/steal your privacy company, not a screw-yourself company ;). Microsoft has no need to feel threatened by Google, except in terms of MSN Search / Hotmail.

  10. venus

    I don’t think so, Google hack is fake. I agree, in the address bar of sogo screenshot, it still shows google’s logo!!
    This is a hoax by who knows, microsoft?

  11. Anonymous Peon

    Okay, I ‘watched’ this happen, by monitoring my DNS cache.

    Google (or whoever manages their DNS) screwed up – http://www.google.com is a CNAME pointing to http://www.l.google.com. Entries for http://www.l.google.com took a walk for perhaps 30 minutes, making http://www.l.google.com return NXDOMAIN.

    SoGo (or whoever owns .com.net) have a specific A record for http://www.google.com.net, to catch people who can’t get to Google for some reason, and use browsers that do the incredibly stupid thing (Safari?) when they can’t find a domain. This “paid off” for them when Google decided to take a walk from the Internet for those few minutes.

    No foul play here, unless it was an inside job, at which point it wasn’t a very sensible one.

  12. MrNibbles

    Well looks like sogo are getting a shitload of free publicity!!
    hmmm, could just have been an error in their favour tho! Shame is slept through all of this! would have loved to watch it unfold and have a go at working it out.
    :)