Google disappears for Irish internet users – but was it a nameserver hack or admin screwup?

Google disappears for Irish internet users - but was it a nameserver hack or admin screwup?

Google Ireland logoThousands of Irish internet users found that they were unable to access Google earlier today when the nameservers for began to point to a third-party server based in Indonesia.

Whether this was the result of a malicious hack or an admin screwup is as yet uncertain, but the danger was that if someone bad was responsible for the change they could have potentially taken users to a bogus Google website, and infected them with malware or distributed advertising pop-ups.

Many Irish users turned to social networking sites to describe how they were unable to access

Irish internet users note the disappearance of

For a period of time, the IEDR (Irish Domain Registry) was incorrectly pointing users to nameservers called, apparently based in Indonesia.

descr:        Google, Inc
descr:        Body Corporate (Ltd,PLC,Company)
descr:        Registered Trade Mark Name
admin-c:      KR59-IEDR
tech-c:       CCA7-IEDR
registration: 21-March-2002
renewal:      21-March-2013
status:       Active
source:       IEDR

person:       Kulpreet Rana
nic-hdl:      KR59-IEDR
source:       IEDR

person:       eMarkmonitor Inc
nic-hdl:      CCA7-IEDR
source:       IEDR

The question is – who changed’s name server entry? Was it an authorised change, or did a malicious hacker gain access to IEDR’s systems and make the change to hijack traffic for their own criminal ends?

Interestingly, internet listings describe Kulpreet Rana as a director of intellectual property at Google. Of course, it may not have been the real Kulpreet Rana who was responsible for the change – someone else might have been simply using their name.

Biography of Mr Kulpreet Rana

Robtex provides an interesting graphic showing other websites that use the same nameserver (

Sites using as a nameserver

It will be interesting to see what – if anything – Google, the IEDR or MarkMonitor has to say about this. We’ll update this post with more information as it becomes available.