News

ICANN publicity may have triggered malicious behavior

By Tim Conneally | Published June 27, 2008, 1:36 PM

On a week when ICANN's decisions were headlining hundreds of tech news sites, several of the group's pages were defaced by a group of hackers, and a phishing scam spoofing the group's page hit inboxes across the country.

Yesterday, a Turkish group known as "NetDevilz" -- which is linked to a reported 31 perpetrated attacks just this year, as tracked by site Zone-H -- hijacked icann.com, icann.net, iana.com, and iana-servers.com, all sites belonging to the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet Assigned Numbers Authority (IANA).

The defacement replaced pages' contents with the group's name, and the message "You think that you control the domains but you don't! Everybody knows wrong. We control the domains including ICANN! Don't you believe us? haha :) (Lovable Turkish hackers group)."

The phishing attack was launched several days before ICANN's site was defaced and targeted domain name owners. The e-mails that were sent contained the following text:

>Dear Domain Account Holder, > >You are being sent this notice from ICANN due to the fact that you >currently own an active domain name. ICANN is currently upgrading all >domains from their registry database. > >The upgrade will introduce new control options for your domain and easier >access. The new upgrade is required by the registry. All domain users are >expected to submit their domain information manually at >http://www.icannresolve.com/[spoofed site name removed] with the >required information for ICANN to apply the required updates. > >The upgrades will be applied to accounts on a first come, first serve >basis. You have until July 25, 2008 to submit the required information to >avoid service and domain interruption. > >Thank you for your time. > >Sincerely, > >ICANNResolve >ICANN.org Resolutions Department

The spoofed site, which has since been removed, was a faithful representation of the pre-hack ICANN page design, with blank fields for all harvestable user information.

Comments

View comments by with a score of at least

partypop
Jun 30, 2008 - 10:03 AM

Its a shame that people who speak English as a second language can deface and hack our sites and take control of our airplanes. We are obviously doing something wrong.
When are people going to realize the "America is untouchable attitude" is not working.
The proof is in the firewall and protection. Lets gets with the program people.

Score: 0

|
Post Reply
daq
Jun 30, 2008 - 2:34 PM

TAKE OFF THE TIN HAT!

Score: 0

|
Post Reply

Google Chrome 4: Yes, it's fast, but is it usable?

As Betanews readers have responded to our stories about Chrome's JavaScript superiority...Does that mean we'd actually use this browser? Well...

Video: Netflix on PlayStation 3

Netflix has come to the PlayStation 3 via Blu-ray and BD-Live.

Verizon Wireless launches new Android, Chocolate, and ruggedized phones

The lower-priced Eris joins the Droid, while the Chocolate gets a touchscreen and more music playback.

Early sales figures for Windows 7 nicely high, but do we know why?

Fans of triple-digit surges in figures quoted by Betanews will love this one, as it appears Microsoft rediscovered how to pull off a software launch.

Myka announces its latest Linux-based 'net top box'

Myka's ION brings Boxee, XMBC, and much more to HDTVs.

What hath Mac wrought? A remembrance after a quarter-century

The reason there's a Macintosh today is not because of some brilliant flash of engineering genius, but because Apple had the audacity to learn from its mistakes.

Early build of Moblin 2.1 improves connectivity, but not device support

The Linux Foundation's Atom-centric OS yesterday received a major overhaul with the project release of Moblin 2.1 for netbooks and nettops.

The iPhone's China syndrome: Sales of 5,000 and climbing

There's actually a country where Apple's device is not a godsend, where sales can be measured in the dozens.

New European counterpart to FCC will ensure 'a more neutral net'

Late Thursday night, the ruling telecom administrators of the EU's member nations signed away their final authority to a new entity overseen by the EC.

Sophos study suggests Windows 7 UAC's default setting is self-defeating

Without any anti-virus installed, a Sophos test showed, User Account Control was only capable of thwarting just one malware package out of ten samples chosen.

Indiscreet tweet trips awareness of Web SSL vulnerability

A group of high-level security engineers had been making progress on thwarting a low-level threat to the Web, until somebody blurted it all out on Twitter.