Google Malawi domain (Google.mw) has been hacked and defaced by a hacker named to be ProtoWave. According to the language used on the deface, ProtoWave appears to be from Portugal. Looking at the WHOIS records, the hacker managed to gain access to Malawi domain registry and somehow changed Google Malawi nameservers. This made the Google Malawi domain to point to the hackers server allowing them to control the domain.
The hackers pointed google.mw (Google Malawi) domain to the following nameservers:
This isn’t the first time Google Malawi has been hijacked. According to Zone-h records, a hacker from Bangladash claiming to be TiGER-M@TE had defaced Google Malawi in 2013 by using the same method used by ProtoWave. This certenly puts a big question on the domain registries website and server security.
We will update this article as soon as we receive more updates about the Google Malawi hack.
Update: Google Malawi domain has been restored. Users from Malawi should be able to access Google.mw. If the website still shows the deface page, make sure browser cache has been cleared. If the deface page is still there, that means the domain name servers hasn’t been updated for you yet. It could take maximum 48 hours for domain name server to change.