Icann downplays recent site hacks

The Internet Corporation for Assigned Names and Numbers (Icann) has spoken out about a recent round of attacks against its sites.

Hackers compromised a pair of mirror sites for the company and redirected users to a page taunting Icann and proclaiming 'we control the domains.' The attacks were attributed to Turkish hacker group NetDevilz.

The attack was particularly embarrassing for Icann as it came just days after the group approved a plan to open new domains for registration by the public.

According to Icann, the hackers pulled off the attack by infiltrating systems run by Icann's registrar. The hackers compromised the DNS servers and redirected requests for two of the group's domains.

The company noted that the attacks were only directed towards mirror sites, and that the main .org site was never compromised or altered in any way.

"It would appear that the attack was sophisticated, combining social and technological techniques, but was also limited and focused," Icann said in a statement.

"The redirect was noticed and corrected within 20 minutes. However, it may have taken anywhere up to 48 hours for the redirect to be entirely removed from the internet."

Later, a separate group of attackers used what Icann described as an " automated attack" to exploit a vulnerability in WordPress and compromise the site's blog. The company does not believe that the two incidents were related.

Icann said that it will launch an internal investigation on both attacks in order to determine possible future safeguards.

See also:

Malware growth slowing, say experts

Fewer new malware samples being found in the wild  02 Jul 2008

Icann tasting solution a 'partial success'

Refund plan not strong enough, says Coalition Against Domain Name Abuse  30 Jun 2008

Tech giants team up on security

Big names sign up to Icasi project  28 Jun 2008

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!