Hackers Trick Way into ICANN Computers
User names and passwords were used this month to access a Centralized Zone Data System
The private agency that acts as a gatekeeper for the Internet on Wednesday said that hackers tricked their way into its computers.
A “spearfishing” attack aimed at U.S.-based nonprofit Internet Corporation for Assigned Names and Numbers (ICANN) hooked staff members with emails crafted to appear as though they were sent from peers using “icann.org” addresses, according to a blog post.
“The attack resulted in the compromise of the email credentials of several ICANN staff members,” ICANN said.
It appeared that the attack commenced in November. Typically, spearfishing attacks dupe people into clicking on links to what appeared to be legitimate email log-in pages but aren’t or open attached files booby-trapped with viruses.
The ruse won hackers ICANN email user names and passwords, giving the intruders control of accounts and keys to reaching deeper, according to the blog post.
User names and passwords were used this month to access a Centralized Zone Data System, where hackers could get hold of files about generic top-level domains as well as names, addresses, passwords and other valuable information about users, according to ICANN.
Hackers were also said to have used compromised passwords to get into an ICANN wiki page; its blog, and a Whois index of registered owners of web addresses.
The blog and Whois did not appear to have been tampered with, according to ICANN, which provided no insight into who was behind the attack.
ICANN believed that security enhancements made earlier this year limited how deep hackers could dive into its computers. More defense measures have been instituted since the hack, according to ICANN.
The organization’s chief security officer is Jeff Moss, who founded the notorious annual Def Con gathering of hackers in Las Vegas and has the hacker name Dark Tangent.
ICANN, which is in charge of assigning Internet domain names, is expected to break free of U.S. oversight late next year.
Washington said in March it might not renew its contract with the Los Angeles-based agency, provided a new oversight system is in place that ensures the Internet addressing structure is reliable.
The agency plans to submit a proposal on oversight to the U.S. Department of Commerce next year.
-
Hollywood outraged after U.S. theaters cancel ‘The Interview’
Actors Ben Stiller, Steve Carell, Rob Lowe criticized the decision made by movie theaters and Sony Digital -
Sony hackers reference 9/11 in new threats against theaters
The group also released a trove of data files including thousands of emails from the inbox of Sony Entertainment CEO Michael Lynton Digital -
Iran hackers may target U.S. energy, defense firms, FBI warns
The FBI’s technical document said the hackers typically launch their attacks from two IP addresses that are in Iran Features -
Hackers urge Sony to pull comedy film on North Korea
“The Interview” stars Seth Rogen and James Franco Digital -
Iran hackers target airlines, energy, defense companies
The scope and sophistication of the attacks suggested the hackers had state backing Digital -
Hackers force message on websites via U.S. firm
Gigya CEO: hackers rerouted Internet traffic from the company to a computer server Digital -
Hackers find backdoor into iPhones and iPads
A new malware is able to first infect Max OS X machines then infiltrate all other Apple’s iOS mobile operating systems and other tablets Digital