Google has generally begun to allow randomization of domain queries sent to authoritative name servers in an effort to make cache poisoning attacks less effective (cache poisoning attacks).
This means that queries for a domain like iguru.gr, if handled by Google Public DNS, could be reconfigured to IgUrU.gr when the request is transmitted to DNS servers for lookup. Although this will be noticeable to administrators controlling network traffic, this particular formatting is not visible to the general public.
When users try to visit a page like iguru.gr – with whatever program περιήγησης ή εφαρμογή χρησιμοποιούν, ουσιαστικά ρωτούν το domain name του ιστότοπου χρησιμοποιώντας το Domain Name System (DNS) to discover the IP addresses of the servers hosting the website. Such a DNS query usually goes through a recursive DNS service that contacts other name servers until it finally receives a response from a valid name server.
To speed up this multi-step process, DNS query responses may be cached by these intermediate name servers. This opens up the possibility attacks cache poisoning.
One such attack involves attacking one of these intermediate name servers with too many DNS queries for uncached domains. Then, Mr server-victim contacts other name servers that can help him answer these queries. At the same time, the attacker floods the victim's server with false responses that are disguised to look like legitimate responses from these other name servers.
The hacker's goal is to get the victim's server to accept one or more of these bogus responses – and cache that wrong response – so that he can take advantage of the misdirection.
All of this is possible because DNS servers are based on UDP – a network protocol that is faster than TCP, but offers no guarantees on connections and is therefore more vulnerable to spoofing. It also works because DNS query IDs are 16-bit fields, meaning their possible values can only range from 0 to 65.535 – a small enough range to guess with a flood of malicious requests.
There is one detailed analysis of this attack here if you are curious. And, yes, DNSSEC is supposed to prevent these kinds of cache poisoning attacks, when supported and used.