back to article Ankle-biting hackers storm net's overlords, hijack their domains

The websites of two of the net's most critical oversight organizations were hijacked by Turkish hackers who sent visitors to rogue pages that challenged the overseers' authority. Some of the official domains for the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Assigned Numbers Authority (IANA) …

COMMENTS

This topic is closed for new posts.
  1. anon
    Pirate

    Worldwide

    HACK THE PLANET!

  2. Nate
    Pirate

    Allah a HACK-bah

    They stole their mega hurtz!

    OMG The guys that have a huge influence over the net/web got their websites hacked!?

    To me that is rather surprising.

  3. steve of the web

    a clue for law enforcement officials

    the perps should be easy to track down, it is obvious from their message that they are involved in the martial arts action movie overdubbing industry.

  4. Anonymous Coward
    Pirate

    No more difficult to hack...

    ... than stealing any other register.com customer's domain.

  5. Anonymous Coward
    Pirate

    ..and how it was done.

    They appear to have omitted to take even the most basic steps to lock the domains down when creating them. Compare

    http://216.239.59.104/search?q=cache:Boyyc-xwKPQJ:www.who.is/whois-net/ip-address/icann.net/+whois+icann.net&hl=en&ct=clnk&cd=3&gl=uk&client=firefox-a

    with

    http://www.who.is/whois-net/ip-address/icann.net/

    >>>Before:

    Registry Whois

    Domain Name: icann.net

    Status: clientTransferProhibited

    Registrar: REGISTER.COM, INC.

    Whois Server: whois.register.com

    Referral URL: http://www.register.com

    Expiration Date: 2013-12-07

    Creation Date: 1998-09-14

    Last Update Date: 2008-03-24

    Name Servers:

    a.iana-servers.net

    b.iana-servers.org

    c.iana-servers.net

    d.iana-servers.net

    ns.icann.org

    >>>After:

    Registry Whois

    Domain Name: icann.net

    Status: clientDeleteProhibited, clientRenewProhibited, clientTransferProhibited, clientUpdateProhibited

    Registrar: REGISTER.COM, INC.

    Whois Server: whois.register.com

    Referral URL: http://www.register.com

    Expiration Date: 2013-12-07

    Creation Date: 1998-09-14

    Last Update Date: 2008-06-27

    Name Servers:

    a.iana-servers.net

    b.iana-servers.org

    c.iana-servers.net

    d.iana-servers.net

    ns.icann.org

    >>>Note the change in the status line.

  6. Dave Harris
    Dead Vulture

    Run that past me again?

    It was hacked on the basis of a fraudulent email? No signature on the email? No phone call to verify? For fucking ICANN and IANA?

    Can anyone imagine ibm.com's dns registration being moved on the basis of an email? Or apple.com?

    FFS, whoever took that action really needs shooting.

  7. Anonymous Coward
    Anonymous Coward

    Fraudulent Email

    First thing I thought, sent by a fraud-star.

    Did the email promise additional monetary reward for prompt attention to the modalities of the transaction?

    @steve of the web

    HAHAHAHAHAHAHAHAHAHAHA, you owe me a keyboard....

  8. Steven Raith

    So ICAAAAAANNN is vulnerable to..

    ...fraudulent emails?

    Christ, the systems I look after are utterly nothing compared to this, but even I don't take the advice of a fucking email to confirm a config change of any kind - I confirm these things in person, or at least on the phone if it really, really can't be done in the flesh.

    I'm trying to work out how someone could have put this through without triple checking it - I mean, it's ICANN, not BobsPlumbers.co.uk for gods sake!

    Steven R

  9. James Cleveland

    Social Hacking

    Not machine hacking. Yet again, technology is more secure than the people that operate it.

  10. Paul Vail

    and you think ICANN knows what they are doing?

    look as how they coddle the cybersquatter industry. ICANN is a joke.

  11. Austin Pass

    Customised TLD's eh?

    At last, I can register trashbat.cock for my good friend Nathan.

  12. Svein Skogen
    Unhappy

    Surprising, to say the least

    So, they moved it on basis of a single email. How did they manage to get the PGP SIGNATURE right?!? If they didn't, shouldn't this registrar be relieved of their duty for NOT using digital signatures?!?

    //Svein

  13. TeeCee Gold badge
    Happy

    Re: martial arts overdubbing.

    You can't say that without video evidence. They might have delivered those awfully cheesy lines in perfect lip-sync, which would make them far more likely to be American TV mini-series actors.

  14. Gordon Grant
    Black Helicopters

    erm duh!

    I mean come on, honestly the guy who read the e-mail and went yeah that's legit and then processed the request need shooting..

    Oh wait maybe.... just maybe he got paid to do it..

    I mean a big enough domain like that should have had a verifiable Digital signature on it that and have been verified 1st and not but simply hitting the reply button, but by looking up who registered domain and finding the e-mail address(es) attached to it and using them..

    If it's that easy I'm off to redirect Microsoft.com to somewhere nice like itssnafud.com

  15. Anonymous Coward
    Happy

    Come on guys...

    Lets be realistic. Sending a creative email to a group of obviously retarded engineers to change DNS pointers for the domain is no feat, just proof that some of our key infrastructure people are not taking their jobs seriously or should be fired for incompetence. Give me the job and I'll make sure any retarded attempt like this is triple verified with top management before implementation.

    By the way, anybody notice these hackers can't spell? "Everybody knows wrong" should be "Everyone knows better". They're obviously using Google Translator.

    And come on, SQL Injection? Yet another example of newby coders implementing systems from script kitty code without fully understanding the fundemantal security checks for any interactive sql system. Anyone hear of escaping single quotes for input strings?

    SomeSQL = SELECT FROM table WHERE column = ' " + variable.Replace(" ' "," ' ' ") + " '

This topic is closed for new posts.

Other stories you might like