Journal oblonski's Journal: ICANN gets pwned!!! 1
SANS Internet Storm Center has a story http://isc.sans.org/diary.html?storyid=4637&rss/ up about the hijacking of ICANN's domain by a group of Turkish pranksters called the NetDevilz. It was also reported by Bruce Sterling at his WIRED blog over here http://blog.wired.com/sterling/2008/06/icann-gets-pwne.html/
From the SANS report:
In the past couple of days, reports have surfaced on the hijacking of the domains for ICANN and IANA attributed to the group NetDevilz.
According to news articles, an ICANN spokesman stated they were unaware of the events. The total time for the redirection before the entry was corrected was about twenty minutes. However it will take 24 to 48 hours after the correction to ensure all the DNS entries are updated. In that time, users were redirected to a site that stated the follow:
"You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us? haha :) (Lovable Turkish hackers group)"
What triggered the changing of the DNS entries has not been disclosed that I have found. Dancho Danchevs blog shows an email address listed in the updated records and note the email address in the entry called "foricann1230@gmail.com" as well as the date they were updated as June 26. Regardless of how it happened (though I'm sure everyone would like to know) there is a big concern here. Nothing on the internet is safe and if this can happen to these folks, it can happen to anyone.
From the SANS report:
In the past couple of days, reports have surfaced on the hijacking of the domains for ICANN and IANA attributed to the group NetDevilz.
According to news articles, an ICANN spokesman stated they were unaware of the events. The total time for the redirection before the entry was corrected was about twenty minutes. However it will take 24 to 48 hours after the correction to ensure all the DNS entries are updated. In that time, users were redirected to a site that stated the follow:
"You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us? haha
What triggered the changing of the DNS entries has not been disclosed that I have found. Dancho Danchevs blog shows an email address listed in the updated records and note the email address in the entry called "foricann1230@gmail.com" as well as the date they were updated as June 26. Regardless of how it happened (though I'm sure everyone would like to know) there is a big concern here. Nothing on the internet is safe and if this can happen to these folks, it can happen to anyone.
First!!! (Score:1)