[ryanlol]

Interestingly enough, despite malaysia airlines claiming that this is just a DNS hijack. It appears that their own CDN (Akamai) is now serving the deface page. (The page was being served by cloudflare before)

[JoshTriplett]

Many CDNs work by retrieving the page themselves, caching it, and re-delivering on request. In that case, if the original page changes, the CDN would automatically change too.

[ryanlol]

Which would imply that their backend was compromised, not just DNS.

[zkhalique]

The CDN could have simply refreshed its DNS cache couldn't it? That would mean it loaded the files from somewhere else.

[ryanlol]

Unless there was something horribly wrong with their setup, akamai would have prevented that from happening.

[Tiksi]

I'm not sure how they are supposed to prevent this. If you have access to the dns, you can change the record for the origin server that the cdn pulls from. Nothing "horribly wrong" with that.

[ryanlol]

Akamai makes you to set your own DNS server for it to pull records from, the domain getting hijacked should not have any effect on what that DNS server is returning.