Feeds

back to article Ankle-biting hackers storm net's overlords, hijack their domains

The websites of two of the net's most critical oversight organizations were hijacked by Turkish hackers who sent visitors to rogue pages that challenged the overseers' authority. Some of the official domains for the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Assigned Numbers Authority (IANA) …

COMMENTS

This topic is closed for new posts.
Pirate

Worldwide

HACK THE PLANET!

0
0
Pirate

Allah a HACK-bah

They stole their mega hurtz!

OMG The guys that have a huge influence over the net/web got their websites hacked!?

To me that is rather surprising.

0
0

a clue for law enforcement officials

the perps should be easy to track down, it is obvious from their message that they are involved in the martial arts action movie overdubbing industry.

0
0
Pirate

No more difficult to hack...

... than stealing any other register.com customer's domain.

0
0
Pirate

..and how it was done.

They appear to have omitted to take even the most basic steps to lock the domains down when creating them. Compare

http://216.239.59.104/search?q=cache:Boyyc-xwKPQJ:www.who.is/whois-net/ip-address/icann.net/+whois+icann.net&hl=en&ct=clnk&cd=3&gl=uk&client=firefox-a

with

http://www.who.is/whois-net/ip-address/icann.net/

>>>Before:

Registry Whois

Domain Name: icann.net

Status: clientTransferProhibited

Registrar: REGISTER.COM, INC.

Whois Server: whois.register.com

Referral URL: http://www.register.com

Expiration Date: 2013-12-07

Creation Date: 1998-09-14

Last Update Date: 2008-03-24

Name Servers:

a.iana-servers.net

b.iana-servers.org

c.iana-servers.net

d.iana-servers.net

ns.icann.org

>>>After:

Registry Whois

Domain Name: icann.net

Status: clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited

Registrar: REGISTER.COM, INC.

Whois Server: whois.register.com

Referral URL: http://www.register.com

Expiration Date: 2013-12-07

Creation Date: 1998-09-14

Last Update Date: 2008-06-27

Name Servers:

a.iana-servers.net

b.iana-servers.org

c.iana-servers.net

d.iana-servers.net

ns.icann.org

>>>Note the change in the status line.

0
0
Dead Vulture

Run that past me again?

It was hacked on the basis of a fraudulent email? No signature on the email? No phone call to verify? For fucking ICANN and IANA?

Can anyone imagine ibm.com's dns registration being moved on the basis of an email? Or apple.com?

FFS, whoever took that action really needs shooting.

0
0
Anonymous Coward

Fraudulent Email

First thing I thought, sent by a fraud-star.

Did the email promise additional monetary reward for prompt attention to the modalities of the transaction?

@steve of the web

HAHAHAHAHAHAHAHAHAHAHA, you owe me a keyboard....

0
0
Silver badge

So ICAAAAAANNN is vulnerable to..

...fraudulent emails?

Christ, the systems I look after are utterly nothing compared to this, but even I don't take the advice of a fucking email to confirm a config change of any kind - I confirm these things in person, or at least on the phone if it really, really can't be done in the flesh.

I'm trying to work out how someone could have put this through without triple checking it - I mean, it's ICANN, not BobsPlumbers.co.uk for gods sake!

Steven R

0
0

Social Hacking

Not machine hacking. Yet again, technology is more secure than the people that operate it.

0
0

and you think ICANN knows what they are doing?

look as how they coddle the cybersquatter industry. ICANN is a joke.

0
0

Customised TLD's eh?

At last, I can register trashbat.cock for my good friend Nathan.

0
0
Unhappy

Surprising, to say the least

So, they moved it on basis of a single email. How did they manage to get the PGP SIGNATURE right?!? If they didn't, shouldn't this registrar be relieved of their duty for NOT using digital signatures?!?

//Svein

0
0
Gold badge
Happy

Re: martial arts overdubbing.

You can't say that without video evidence. They might have delivered those awfully cheesy lines in perfect lip-sync, which would make them far more likely to be American TV mini-series actors.

0
0
Black Helicopters

erm duh!

I mean come on, honestly the guy who read the e-mail and went yeah that's legit and then processed the request need shooting..

Oh wait maybe.... just maybe he got paid to do it..

I mean a big enough domain like that should have had a verifiable Digital signature on it that and have been verified 1st and not but simply hitting the reply button, but by looking up who registered domain and finding the e-mail address(es) attached to it and using them..

If it's that easy I'm off to redirect Microsoft.com to somewhere nice like itssnafud.com

0
0
Happy

Come on guys...

Lets be realistic. Sending a creative email to a group of obviously retarded engineers to change DNS pointers for the domain is no feat, just proof that some of our key infrastructure people are not taking their jobs seriously or should be fired for incompetence. Give me the job and I'll make sure any retarded attempt like this is triple verified with top management before implementation.

By the way, anybody notice these hackers can't spell? "Everybody knows wrong" should be "Everyone knows better". They're obviously using Google Translator.

And come on, SQL Injection? Yet another example of newby coders implementing systems from script kitty code without fully understanding the fundemantal security checks for any interactive sql system. Anyone hear of escaping single quotes for input strings?

SomeSQL = SELECT FROM table WHERE column = ' " + variable.Replace(" ' "," ' ' ") + " '

0
0
This topic is closed for new posts.