Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Hackers Compromise ICANN Computers

Hackers Trick Way Into ICANN Computers 

The private agency that acts as a gatekeeper for the Internet on Wednesday said that hackers tricked their way into its computers.

Hackers Trick Way Into ICANN Computers 

The private agency that acts as a gatekeeper for the Internet on Wednesday said that hackers tricked their way into its computers.

A “spearfishing” attack aimed at US-based nonprofit Internet Corporation for Assigned Names and Numbers (ICANN) hooked staff members with emails crafted to appear as though they were sent from peers using “icann.org” addresses, according to a blog post.

“The attack resulted in the compromise of the email credentials of several ICANN staff members,” ICANN said.

It appeared that the attack commenced in November. Typically, spearfishing attacks dupe people into clicking on links to what appeared to be legitimate email log-in pages but aren’t or open attached files booby-trapped with viruses.

The ruse won hackers ICANN email user names and passwords, giving the intruders control of accounts and keys to reaching deeper, according to the blog post.

User names and passwords were used this month to access a Centralized Zone Data System, where hackers could get hold of files about generic top-level domains as well as names, addresses, passwords and other valuable information about users, according to ICANN.

Hackers were also said to have used compromised passwords to get into an ICANN wiki page; its blog, and a Whois index of registered owners of web addresses.

Advertisement. Scroll to continue reading.

The blog and Whois did not appear to have been tampered with, according to ICANN, which provided no insight into who was behind the attack.

ICANN believed that security enhancements made earlier this year limited how deep hackers could dive into its computers. More defense measures have been instituted since the hack, according to ICANN.

The organization’s chief security officer is Jeff Moss, who founded the notorious annual Def Con gathering of hackers in Las Vegas and has the hacker name Dark Tangent.

ICANN, which is in charge of assigning Internet domain names, is expected to break free of US oversight late next year.

Washington said in March it might not renew its contract with the Los Angeles-based agency, provided a new oversight system is in place that ensures the Internet addressing structure is reliable.

The agency plans to submit a proposal on oversight to the US Department of Commerce next year.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...