Published in News

Hackers hit ICANN

by on19 December 2014



Yes we CANN!

Unknown hackers hit vital systems belonging to ICANN, the organization that manages the global top-level domain system. Apparently they had access to the system that manages the files with data on resolving specific domain names. The attack apparently took place in November and ICANN officials discovered it earlier this month.

It all started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then gained access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers.

The attacker obtained administrative access to all files in the CZDS. This included copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username, and password.
Although the passwords were stored as salted cryptographic hashes, we have deactivated all CZDS passwords as a precaution. Users may request a new password at czds.icann.org.

ICCAN warned CZDS users to take appropriate steps to protect any other online accounts for which they might have used the same username and/or password. Officials said that ICANN had implemented enhanced security measures earlier this year, which likely helped prevent further damage from the attack.

Rate this item
(0 votes)