An Iranian cracker broke into the paraguayan ccTLD registrar[0] (exploiting a security hole reported by me 6 years ago) and managed to point Google.com.py to its own nameserver. The DNS records were pointed to the same IP, serving a smiley face through HTTP[1].<p>SENATICS[2], the government ICT department, published a press release indicating that no attack was made and that everything was just a misunderstanding.<p>Later the attacker decided to leak private data from the server[3] (a complete database dump, containing over ~20000 items, including document number, e-mail, phone number, etc). This served as a pressure for government and they finally took the blame for the incident.<p>At the same time, the argentinian registrar[4] announced that they will start charging for the domains around 25 U$ per year (currently it’s still free, and it’s possible to register a domain by using your identity card).
Just to give you an idea, in Paraguay we’re paying 45 U$ for a .py domain name, per year. And we’re currently dicussing if it’s worth paying that amount for a service with such big security issues (obviously this isn’t the first one, among several other irregularities).<p>[0] http://www.nic.py/<p>[1] http://www.abc.com.py/nacionales/falla-seguridad-de-nicpy-1218433.html<p>[2] http://www.senatics.gov.py/<p>[3] http://ha.cker.ir/2014/02/www-nic-py-py-registrar-rce-vulnerablity/, http://cker.ir/leak/nic-py/<p>[4] https://nic.ar/